iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

crypto: drbg - always try to free Jitter RNG instance

Browse Source 
commit 819966c06b upstream.

The Jitter RNG is unconditionally allocated as a seed source follwoing
the patch 97f2650e50. Thus, the instance must always be deallocated.

Reported-by: syzbot+2e635807decef724a1fa@syzkaller.appspotmail.com
Fixes: 97f2650e50 ("crypto: drbg - always seeded with SP800-90B ...")
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Stephan Müller
2020-06-07 15:20:26 +02:00
committed by Greg Kroah-Hartman
parent f9d953c3ef
commit ba6a98f8c7
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/drbg.c
View File

@ -1646,10 +1646,12 @@ static int drbg_uninstantiate(struct drbg_state *drbg)
if (drbg->random_ready.notifier_call) { if (drbg->random_ready.notifier_call) {
unregister_random_ready_notifier(&drbg->random_ready); unregister_random_ready_notifier(&drbg->random_ready);
cancel_work_sync(&drbg->seed_work); cancel_work_sync(&drbg->seed_work);
crypto_free_rng(drbg->jent);
drbg->jent = NULL;
} }
if (!IS_ERR_OR_NULL(drbg->jent))
crypto_free_rng(drbg->jent);
drbg->jent = NULL;
if (drbg->d_ops) if (drbg->d_ops)
drbg->d_ops->crypto_fini(drbg); drbg->d_ops->crypto_fini(drbg);
drbg_dealloc_state(drbg); drbg_dealloc_state(drbg);