On Fri, 11 Feb 2011, Jesper Juhl wrote:
> On Fri, 11 Feb 2011, Jesper Juhl wrote:
>
> > On Fri, 11 Feb 2011, Paoloni, Gabriele wrote:
> >
> > > Well anyway I think that the return value of "ablkcipher_request_alloc(ctr_tfm, GFP_KERNEL)" has to be changed from -EINVAL to -ENOMEM in case of failure. That is why would stay on the patch that Tadeusz proposed. Otherwise Juhl should send another one....
> > >
> > I'll take a look again later this evening when I get home from work.
> >
> Hopefully this takes care of all complaints and can actually get merged so
> we can get the leak fixed (patch is against current cryptodev-2.6 tree).
>
>
> Fix up previous patch that failed to properly fix mem leak in
> rfc4106_set_hash_subkey(). This add-on patch; fixes the leak. moves
> kfree() out of the error path, returns -ENOMEM rather than -EINVAL when
> ablkcipher_request_alloc() fails.
>
And of course I just had to screw up and send the wrong diff. The one I
sent does not compile and was a temporary file I imported into the mail by
accident :-(
Below is the real patch - changelog above still applies - sorry about
that.
Signed-off-by: Jesper Juhl <jj@xxxxxxxxxxxxx>
---
aesni-intel_glue.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/arch/x86/crypto/aesni-intel_glue.c b/arch/x86/crypto/aesni-intel_glue.c
index e013552..e0e6340 100644
--- a/arch/x86/crypto/aesni-intel_glue.c
+++ b/arch/x86/crypto/aesni-intel_glue.c
@@ -874,19 +874,17 @@ rfc4106_set_hash_subkey(u8 *hash_subkey, const u8 *key, unsigned int key_len)
ret = crypto_ablkcipher_setkey(ctr_tfm, key, key_len);
if (ret)
- goto out;
+ goto out_free_ablkcipher;
+ ret = -ENOMEM;
req = ablkcipher_request_alloc(ctr_tfm, GFP_KERNEL);
- if (!req) {
- ret = -EINVAL;
+ if (!req)
goto out_free_ablkcipher;
- }
req_data = kmalloc(sizeof(*req_data), GFP_KERNEL);
- if (!req_data) {
- ret = -ENOMEM;
+ if (!req_data)
goto out_free_request;
- }
+
memset(req_data->iv, 0, sizeof(req_data->iv));
/* Clear the data in the hash sub key container to zero.*/
@@ -911,12 +909,11 @@ rfc4106_set_hash_subkey(u8 *hash_subkey, const u8 *key, unsigned int key_len)
if (!ret)
ret = req_data->result.err;
}
+ kfree(req_data);
out_free_request:
ablkcipher_request_free(req);
- kfree(req_data);
out_free_ablkcipher:
crypto_free_ablkcipher(ctr_tfm);
-out:
return ret;
}
--
Jesper Juhl <jj@xxxxxxxxxxxxx> http://www.chaosbits.net/
Plain text mails only, please.
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
