aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-kernel/cryptodev/sdk_patches/0029-fix-clean-up-on-error-path-for-crypto_create_session.patch
blob: 67e4a89d393d03926bac53cadff20226aa185d6f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
From 294abaaa4540ec340ed6046a784c9789c8724420 Mon Sep 17 00:00:00 2001
From: Cristian Stoica <cristian.stoica@nxp.com>
Date: Mon, 11 Jan 2016 17:45:50 +0200
Subject: [PATCH 29/38] fix clean-up on error path for crypto_create_session

This patch fixes clean-up on error path for failed allocations of
ses_new->pages or ses_new->sg. In these cases, allocations made in
cryptodev_hash_init have not been undone resulting in possible memory
leaks.

We take advantage of the initializations with zeros of the session
structure to trim the code to a single clean-up path.

Signed-off-by: Cristian Stoica <cristian.stoica@nxp.com>
---
 ioctl.c | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/ioctl.c b/ioctl.c
index b23f5fd..c781f9d 100644
--- a/ioctl.c
+++ b/ioctl.c
@@ -228,7 +228,8 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
 		return -EINVAL;
 	}
 
-	/* Create a session and put it to the list. */
+	/* Create a session and put it to the list. Zeroing the structure helps
+	 * also with a single exit point in case of errors */
 	ses_new = kzalloc(sizeof(*ses_new), GFP_KERNEL);
 	if (!ses_new)
 		return -ENOMEM;
@@ -240,19 +241,19 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
 		if (unlikely(ret < 0)) {
 			ddebug(1, "Setting key failed for %s-%zu.",
 				alg_name, (size_t)sop->keylen*8);
-			goto error_cipher;
+			goto session_error;
 		}
 
 		ret = cryptodev_get_cipher_key(keys.ckey, sop, aead);
 		if (unlikely(ret < 0))
-			goto error_cipher;
+			goto session_error;
 
 		ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, keys.ckey,
 						keylen, stream, aead);
 		if (ret < 0) {
 			ddebug(1, "Failed to load cipher for %s", alg_name);
 			ret = -EINVAL;
-			goto error_cipher;
+			goto session_error;
 		}
 	}
 
@@ -261,13 +262,13 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
 			ddebug(1, "Setting key failed for %s-%zu.",
 				hash_name, (size_t)sop->mackeylen*8);
 			ret = -EINVAL;
-			goto error_hash;
+			goto session_error;
 		}
 
 		if (sop->mackey && unlikely(copy_from_user(keys.mkey, sop->mackey,
 					    sop->mackeylen))) {
 			ret = -EFAULT;
-			goto error_hash;
+			goto session_error;
 		}
 
 		ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode,
@@ -275,7 +276,7 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
 		if (ret != 0) {
 			ddebug(1, "Failed to load hash for %s", hash_name);
 			ret = -EINVAL;
-			goto error_hash;
+			goto session_error;
 		}
 	}
 
@@ -292,7 +293,7 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop)
 	if (ses_new->sg == NULL || ses_new->pages == NULL) {
 		ddebug(0, "Memory error");
 		ret = -ENOMEM;
-		goto error_hash;
+		goto session_error;
 	}
 
 	/* put the new session to the list */
@@ -316,18 +317,19 @@ restart:
 
 	/* Fill in some values for the user. */
 	sop->ses = ses_new->sid;
-
 	return 0;
 
-error_hash:
+	/* We count on ses_new to be initialized with zeroes
+	 * Since hdata and cdata are embedded within ses_new, it follows that
+	 * hdata->init and cdata->init are either zero or one as they have been
+	 * initialized or not */
+session_error:
+	cryptodev_hash_deinit(&ses_new->hdata);
 	cryptodev_cipher_deinit(&ses_new->cdata);
 	kfree(ses_new->sg);
 	kfree(ses_new->pages);
-error_cipher:
 	kfree(ses_new);
-
 	return ret;
-
 }
 
 /* Everything that needs to be done when remowing a session. */
-- 
2.7.0