summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorTakashi Iwai <tiwai@suse.de>2014-12-04 18:25:19 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2014-12-06 21:50:36 -0500
commitb26bdde5bb27f3f900e25a95e33a0c476c8c2c48 (patch)
treee635750c82fe5e60db3c6cebb99ca8b61fad0661 /security
parentb2d1965dcea148100ffc4e7199470bf5fad13871 (diff)
downloadlinux-b26bdde5bb27f3f900e25a95e33a0c476c8c2c48.tar.gz
linux-b26bdde5bb27f3f900e25a95e33a0c476c8c2c48.tar.bz2
linux-b26bdde5bb27f3f900e25a95e33a0c476c8c2c48.zip
KEYS: Fix stale key registration at error path
When loading encrypted-keys module, if the last check of aes_get_sizes() in init_encrypted() fails, the driver just returns an error without unregistering its key type. This results in the stale entry in the list. In addition to memory leaks, this leads to a kernel crash when registering a new key type later. This patch fixes the problem by swapping the calls of aes_get_sizes() and register_key_type(), and releasing resources properly at the error paths. Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=908163 Cc: <stable@vger.kernel.org> Signed-off-by: Takashi Iwai <tiwai@suse.de> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'security')
-rw-r--r--security/keys/encrypted-keys/encrypted.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c
index db9675db1026..7bed4ad7cd76 100644
--- a/security/keys/encrypted-keys/encrypted.c
+++ b/security/keys/encrypted-keys/encrypted.c
@@ -1017,10 +1017,13 @@ static int __init init_encrypted(void)
ret = encrypted_shash_alloc();
if (ret < 0)
return ret;
+ ret = aes_get_sizes();
+ if (ret < 0)
+ goto out;
ret = register_key_type(&key_type_encrypted);
if (ret < 0)
goto out;
- return aes_get_sizes();
+ return 0;
out:
encrypted_shash_release();
return ret;