author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2010-12-20 12:37:18 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-01-13 18:27:46 -0500 |
commit | 40c1001792de63e0f90e977eb05393fd71f78692 (patch) | |
tree | 7172e92ccefd8f4b8ee42401901ddab5bec687b5 | |
parent | 581548db3b3c0f6e25b500329eb02e3c72e7acbe (diff) |
trusted-keys: free memory bugfix
Add missing kfree(td) in tpm_seal() before the return, freeing
td on error paths as well.
Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: David Safford <safford@watson.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/keys/trusted_defined.c | 12 |
1 files changed, 7 insertions, 5 deletions
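--- a/security/keys/trusted_defined.c
+++ b/security/keys/trusted_defined.c
@@ -511,7 +511,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
 /* get session for sealing key */
 ret = osap(tb, &sess, keyauth, keytype, keyhandle);
 if (ret < 0)
-return ret;
+goto out;
 dump_sess(&sess);
 
 /* calculate encrypted authorization value */
@@ -519,11 +519,11 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
 memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE);
 ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash);
 if (ret < 0)
-return ret;
+goto out;
 
 ret = tpm_get_random(tb, td->nonceodd, TPM_NONCE_SIZE);
 if (ret < 0)
-return ret;
+goto out;
 ordinal = htonl(TPM_ORD_SEAL);
 datsize = htonl(datalen);
 pcrsize = htonl(pcrinfosize);
@@ -552,7 +552,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
 &datsize, datalen, data, 0, 0);
 }
 if (ret < 0)
-return ret;
+goto out;
 
 /* build and send the TPM request packet */
 INIT_BUF(tb);
@@ -572,7 +572,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
 
 ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE);
 if (ret < 0)
-return ret;
+goto out;
 
 /* calculate the size of the returned Blob */
 sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t));
@@ -591,6 +591,8 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
 memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize);
 *bloblen = storedsize;
 }
+out:
+kfree(td);
 return ret;
 }
 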
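Review bot: The new `kfree(td);` at the `out:` label in the last hunk returns the scratch buffer to the slab without clearing it. The visible writes to `td->xorwork`, `td->xorhash` and `td->nonceodd` sit under the comment "calculate encrypted authorization value", so td appears to hold authorization-derived material; that is an inference, because the allocation of td and the start of tpm_seal() are outside the hunks. If so, this material stays readable in freed memory on both the success path and every error path that now jumps to `out`. I would free it with the zeroizing variant, `kzfree(td);` (`kfree_sensitive(td);` on current kernels), and put a short comment at the label such as `/* td holds auth-derived secrets: wipe before freeing */`.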