diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-05 13:31:19 +0900 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-05 13:31:19 +0900 |
commit | ee39d46dcaf8f25894f13236d3d984d9a4d2fd3e (patch) | |
tree | 6119a1f94a6f5c0affc14103784f0d0933aa30d8 | |
parent | a5fff14a0c7989fbc8316a43f52aed1804f02ddd (diff) | |
parent | 21d4120ec6f5b5992b01b96ac484701163917b63 (diff) |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto fixes from Herbert Xu:
"This fixes two memory leaks and a list corruption bug"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
crypto: user - prevent operating on larval algorithms
crypto: cryptd - Fix skcipher instance memory leak
lib/mpi: Fix karactx leak in mpi_powm
-rw-r--r-- | crypto/cryptd.c | 1 | ||||
-rw-r--r-- | crypto/crypto_user_base.c | 3 | ||||
-rw-r--r-- | lib/mpi/mpi-pow.c | 6 |
3 files changed, 6 insertions, 4 deletions
diff --git a/crypto/cryptd.c b/crypto/cryptd.c index 1ce1bf6d3bab..5f76c6e222c6 100644 --- a/crypto/cryptd.c +++ b/crypto/cryptd.c @@ -388,6 +388,7 @@ static void cryptd_skcipher_free(struct skcipher_instance *inst) struct skcipherd_instance_ctx *ctx = skcipher_instance_ctx(inst); crypto_drop_skcipher(&ctx->spawn); + kfree(inst); } static int cryptd_create_skcipher(struct crypto_template *tmpl, diff --git a/crypto/crypto_user_base.c b/crypto/crypto_user_base.c index d5d5d155340b..c65e39005ce2 100644 --- a/crypto/crypto_user_base.c +++ b/crypto/crypto_user_base.c @@ -44,6 +44,9 @@ struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact) list_for_each_entry(q, &crypto_alg_list, cra_list) { int match = 0; + if (crypto_is_larval(q)) + continue; + if ((q->cra_flags ^ p->cru_type) & p->cru_mask) continue; diff --git a/lib/mpi/mpi-pow.c b/lib/mpi/mpi-pow.c index 82b19e4f1189..2fd7a46d55ec 100644 --- a/lib/mpi/mpi-pow.c +++ b/lib/mpi/mpi-pow.c @@ -24,6 +24,7 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) { mpi_ptr_t mp_marker = NULL, bp_marker = NULL, ep_marker = NULL; + struct karatsuba_ctx karactx = {}; mpi_ptr_t xp_marker = NULL; mpi_ptr_t tspace = NULL; mpi_ptr_t rp, ep, mp, bp; @@ -150,13 +151,11 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) int c; mpi_limb_t e; mpi_limb_t carry_limb; - struct karatsuba_ctx karactx; xp = xp_marker = mpi_alloc_limb_space(2 * (msize + 1)); if (!xp) goto enomem; - memset(&karactx, 0, sizeof karactx); negative_result = (ep[0] & 1) && base->sign; i = esize - 1; @@ -281,8 +280,6 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) if (mod_shift_cnt) mpihelp_rshift(rp, rp, rsize, mod_shift_cnt); MPN_NORMALIZE(rp, rsize); - - mpihelp_release_karatsuba_ctx(&karactx); } if (negative_result && rsize) { @@ -299,6 +296,7 @@ int mpi_powm(MPI res, MPI base, MPI exp, MPI mod) leave: rc = 0; enomem: + mpihelp_release_karatsuba_ctx(&karactx); if (assign_rp) mpi_assign_limb_space(res, rp, size); if (mp_marker) |