Commit a481fd1277218473754388695b361c2981d5257b
Committed by
Greg Kroah-Hartman
1 parent
f3d4175f05
KEYS: Fix stale key registration at error path
commit b26bdde5bb27f3f900e25a95e33a0c476c8c2c48 upstream. When loading encrypted-keys module, if the last check of aes_get_sizes() in init_encrypted() fails, the driver just returns an error without unregistering its key type. This results in the stale entry in the list. In addition to memory leaks, this leads to a kernel crash when registering a new key type later. This patch fixes the problem by swapping the calls of aes_get_sizes() and register_key_type(), and releasing resources properly at the error paths. Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=908163 Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Showing 1 changed file with 4 additions and 1 deletions Side-by-side Diff
security/keys/encrypted-keys/encrypted.c
... | ... | @@ -1017,10 +1017,13 @@ |
1017 | 1017 | ret = encrypted_shash_alloc(); |
1018 | 1018 | if (ret < 0) |
1019 | 1019 | return ret; |
1020 | + ret = aes_get_sizes(); | |
1021 | + if (ret < 0) | |
1022 | + goto out; | |
1020 | 1023 | ret = register_key_type(&key_type_encrypted); |
1021 | 1024 | if (ret < 0) |
1022 | 1025 | goto out; |
1023 | - return aes_get_sizes(); | |
1026 | + return 0; | |
1024 | 1027 | out: |
1025 | 1028 | encrypted_shash_release(); |
1026 | 1029 | return ret; |