git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Roberto Sassu <roberto.sassu@huawei.com>
	Mon, 27 Apr 2020 10:28:56 +0000 (12:28 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 27 May 2020 14:41:39 +0000 (16:41 +0200)
commit	ab97e5a9fdda460e4ef43cae75139193a46b12eb
tree	20df47d6202c76134baa4433b8b71a914db002c4	tree \| snapshot
parent	6953f88cd3e7ba0be11863604215a7e68d8e203d	commit \| diff

evm: Check also if *tfm is an error pointer in init_desc()

[ Upstream commit 53de3b080d5eae31d0de219617155dcc34e7d698 ]

This patch avoids a kernel panic due to accessing an error pointer set by
crypto_alloc_shash(). It occurs especially when there are many files that
require an unsupported algorithm, as it would increase the likelihood of
the following race condition:

Task A: *tfm = crypto_alloc_shash() <= error pointer
Task B: if (*tfm == NULL) <= *tfm is not NULL, use it
Task B: rc = crypto_shash_init(desc) <= panic
Task A: *tfm = NULL

This patch uses the IS_ERR_OR_NULL macro to determine whether or not a new
crypto context must be created.

Cc: stable@vger.kernel.org
Fixes: d46eb3699502b ("evm: crypto hash replaced by shash")
Co-developed-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Signed-off-by: Krzysztof Struczynski <krzysztof.struczynski@huawei.com>
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>