diff options
author | Takashi Iwai <tiwai@suse.de> | 2014-12-04 18:25:19 +0100 |
---|---|---|
committer | Luis Henriques <luis.henriques@canonical.com> | 2015-01-15 10:43:37 +0000 |
commit | 6c3b5006257f906e344f85ff9d5eae5dae85937a (patch) | |
tree | 9045988679f316008fd9f22dc104df93e2fa8eef /security | |
parent | 0fe729eccacd24a13d2822640619d5ba75134606 (diff) | |
download | linux-stable-6c3b5006257f906e344f85ff9d5eae5dae85937a.tar.gz linux-stable-6c3b5006257f906e344f85ff9d5eae5dae85937a.tar.bz2 linux-stable-6c3b5006257f906e344f85ff9d5eae5dae85937a.zip |
KEYS: Fix stale key registration at error path
commit b26bdde5bb27f3f900e25a95e33a0c476c8c2c48 upstream.
When loading encrypted-keys module, if the last check of
aes_get_sizes() in init_encrypted() fails, the driver just returns an
error without unregistering its key type. This results in the stale
entry in the list. In addition to memory leaks, this leads to a kernel
crash when registering a new key type later.
This patch fixes the problem by swapping the calls of aes_get_sizes()
and register_key_type(), and releasing resources properly at the error
paths.
Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=908163
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/keys/encrypted-keys/encrypted.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index 5fe443d120af..556c43df6636 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c @@ -1018,10 +1018,13 @@ static int __init init_encrypted(void) ret = encrypted_shash_alloc(); if (ret < 0) return ret; + ret = aes_get_sizes(); + if (ret < 0) + goto out; ret = register_key_type(&key_type_encrypted); if (ret < 0) goto out; - return aes_get_sizes(); + return 0; out: encrypted_shash_release(); return ret; |