summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephan Müller <smueller@chronox.de>2020-06-07 15:20:26 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2022-06-25 11:49:13 +0200
commitb4170eda3ef5d1d7cc00393a82e29ace0f46eeef (patch)
treebe6358799b2b69667f6f3e2bb242e4489afe8df9
parent960e64920c4e8b8473dfbec3101e2678474820ad (diff)
downloadlinux-stable-b4170eda3ef5d1d7cc00393a82e29ace0f46eeef.tar.gz
linux-stable-b4170eda3ef5d1d7cc00393a82e29ace0f46eeef.tar.bz2
linux-stable-b4170eda3ef5d1d7cc00393a82e29ace0f46eeef.zip
crypto: drbg - always try to free Jitter RNG instance
commit 819966c06b759022e9932f328284314d9272b9f3 upstream. The Jitter RNG is unconditionally allocated as a seed source follwoing the patch 97f2650e5040. Thus, the instance must always be deallocated. Reported-by: syzbot+2e635807decef724a1fa@syzkaller.appspotmail.com Fixes: 97f2650e5040 ("crypto: drbg - always seeded with SP800-90B ...") Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r--crypto/drbg.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/crypto/drbg.c b/crypto/drbg.c
index 8f232c782bc0..8562832338ad 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1644,10 +1644,12 @@ static int drbg_uninstantiate(struct drbg_state *drbg)
if (drbg->random_ready.notifier_call) {
unregister_random_ready_notifier(&drbg->random_ready);
cancel_work_sync(&drbg->seed_work);
- crypto_free_rng(drbg->jent);
- drbg->jent = NULL;
}
+ if (!IS_ERR_OR_NULL(drbg->jent))
+ crypto_free_rng(drbg->jent);
+ drbg->jent = NULL;
+
if (drbg->d_ops)
drbg->d_ops->crypto_fini(drbg);
drbg_dealloc_state(drbg);