projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bdbd3ca)
MODSIGN: Make shash allocation failure fatal
authorBen Hutchings <ben@decadent.org.uk>
Sun, 5 May 2019 12:45:06 +0000 (13:45 +0100)
committerSalvatore Bonaccorso <carnil@debian.org>
Thu, 1 Dec 2022 06:42:33 +0000 (06:42 +0000)
mod_is_hash_blacklisted() currently returns 0 (suceess) if
crypto_alloc_shash() fails.  This should instead be a fatal error,
so unwrap and pass up the error code.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name modsign-make-shash-allocation-failure-fatal.patch

kernel/module/signing.c patch | blob | history

diff --git a/kernel/module/signing.c b/kernel/module/signing.c
index 26e36fc8ff4870811c9703476b32de0f2140380e..494aa421916aec04dfb0ca967aa80a087fd55d74 100644 (file)
--- a/kernel/module/signing.c
+++ b/kernel/module/signing.c
@@ -45,11 +45,13 @@ static int mod_is_hash_blacklisted(const void *mod, size_t verifylen)
        struct shash_desc *desc;
        size_t digest_size, desc_size;
        u8 *digest;
-       int ret = 0;
+       int ret;
 
        tfm = crypto_alloc_shash("sha256", 0, 0);
-       if (IS_ERR(tfm))
+       if (IS_ERR(tfm)) {
+               ret = PTR_ERR(tfm);
                goto error_return;
+       }
 
        desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
        digest_size = crypto_shash_digestsize(tfm);
Unnamed repository; edit this file 'description' to name the repository.