From: "Stephan M� <smueller@xxxxxxxxxx>
commit 819966c06b759022e9932f328284314d9272b9f3 upstream.
The Jitter RNG is unconditionally allocated as a seed source follwoing
the patch 97f2650e5040. Thus, the instance must always be deallocated.
Reported-by: syzbot+2e635807decef724a1fa@xxxxxxxxxxxxxxxxxxxxxxxxx
Fixes: 97f2650e5040 ("crypto: drbg - always seeded with SP800-90B ...")
Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
crypto/drbg.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1647,10 +1647,12 @@ static int drbg_uninstantiate(struct drb
if (drbg->random_ready.notifier_call) {
unregister_random_ready_notifier(&drbg->random_ready);
cancel_work_sync(&drbg->seed_work);
- crypto_free_rng(drbg->jent);
- drbg->jent = NULL;
}
+ if (!IS_ERR_OR_NULL(drbg->jent))
+ crypto_free_rng(drbg->jent);
+ drbg->jent = NULL;
+
if (drbg->d_ops)
drbg->d_ops->crypto_fini(drbg);
drbg_dealloc_state(drbg);
