Currently the resource allocated by crypto_alloc_shash() is not freed in case crypto_alloc_aead() fails, resulting in memory leak.
Add crypto_free_shash() to fix it.
Found by code review.
Cc: stable@vger.kernel.org Fixes: d2c8ac187fc9 ("crypto: sa2ul - Add AEAD algorithm support") Signed-off-by: Ma Ke make24@iscas.ac.cn --- drivers/crypto/sa2ul.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 461eca40e878..b5af621f7f17 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -1740,7 +1740,8 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash, ctx->shash = crypto_alloc_shash(hash, 0, CRYPTO_ALG_NEED_FALLBACK); if (IS_ERR(ctx->shash)) { dev_err(sa_k3_dev, "base driver %s couldn't be loaded\n", hash); - return PTR_ERR(ctx->shash); + ret = PTR_ERR(ctx->shash); + goto err_free_shash; }
ctx->fallback.aead = crypto_alloc_aead(fallback, 0, @@ -1749,7 +1750,8 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash, if (IS_ERR(ctx->fallback.aead)) { dev_err(sa_k3_dev, "fallback driver %s couldn't be loaded\n", fallback); - return PTR_ERR(ctx->fallback.aead); + ret = PTR_ERR(ctx->fallback.aead); + goto err_free_shash; }
crypto_aead_set_reqsize(tfm, sizeof(struct aead_request) + @@ -1757,19 +1759,23 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash,
ret = sa_init_ctx_info(&ctx->enc, data); if (ret) - return ret; + goto err_free_shash;
ret = sa_init_ctx_info(&ctx->dec, data); - if (ret) { - sa_free_ctx_info(&ctx->enc, data); - return ret; - } + if (ret) + goto err_free_ctx_info;
dev_dbg(sa_k3_dev, "%s(0x%p) sc-ids(0x%x(0x%pad), 0x%x(0x%pad))\n", __func__, tfm, ctx->enc.sc_id, &ctx->enc.sc_phys, ctx->dec.sc_id, &ctx->dec.sc_phys);
return ret; + +err_free_ctx_info: + sa_free_ctx_info(&ctx->enc, data); +err_free_shash: + crypto_free_shash(ctx->shash); + return ret; }
static int sa_cra_init_aead_sha1(struct crypto_aead *tfm)
On Mon, Aug 19, 2024 at 04:48:43PM +0800, Ma Ke wrote:
Currently the resource allocated by crypto_alloc_shash() is not freed in case crypto_alloc_aead() fails, resulting in memory leak.
Add crypto_free_shash() to fix it.
Found by code review.
Cc: stable@vger.kernel.org Fixes: d2c8ac187fc9 ("crypto: sa2ul - Add AEAD algorithm support") Signed-off-by: Ma Ke make24@iscas.ac.cn
drivers/crypto/sa2ul.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/sa2ul.c b/drivers/crypto/sa2ul.c index 461eca40e878..b5af621f7f17 100644 --- a/drivers/crypto/sa2ul.c +++ b/drivers/crypto/sa2ul.c @@ -1740,7 +1740,8 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash, ctx->shash = crypto_alloc_shash(hash, 0, CRYPTO_ALG_NEED_FALLBACK); if (IS_ERR(ctx->shash)) { dev_err(sa_k3_dev, "base driver %s couldn't be loaded\n", hash);
return PTR_ERR(ctx->shash);
ret = PTR_ERR(ctx->shash);goto err_free_shash;
This hunk is unnecessary and confusing. Please keep the existing code.
@@ -1749,7 +1750,8 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash, if (IS_ERR(ctx->fallback.aead)) { dev_err(sa_k3_dev, "fallback driver %s couldn't be loaded\n", fallback);
return PTR_ERR(ctx->fallback.aead);
ret = PTR_ERR(ctx->fallback.aead);goto err_free_shash;crypto_aead_set_reqsize(tfm, sizeof(struct aead_request) + @@ -1757,19 +1759,23 @@ static int sa_cra_init_aead(struct crypto_aead *tfm, const char *hash, ret = sa_init_ctx_info(&ctx->enc, data); if (ret)
return ret;
goto err_free_shash;
Shouldn't this free the fallback AEAD?
Cheers,
linux-stable-mirror@lists.linaro.org
-
Herbert Xu -
Ma Ke