diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2010-12-20 12:37:18 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-01-14 10:27:46 +1100 |
commit | 40c1001792de63e0f90e977eb05393fd71f78692 (patch) | |
tree | 7172e92ccefd8f4b8ee42401901ddab5bec687b5 /security | |
parent | 581548db3b3c0f6e25b500329eb02e3c72e7acbe (diff) | |
download | op-kernel-dev-40c1001792de63e0f90e977eb05393fd71f78692.zip op-kernel-dev-40c1001792de63e0f90e977eb05393fd71f78692.tar.gz |
trusted-keys: free memory bugfix
Add missing kfree(td) in tpm_seal() before the return, freeing
td on error paths as well.
Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: David Safford <safford@watson.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/keys/trusted_defined.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/security/keys/trusted_defined.c b/security/keys/trusted_defined.c index 975e9f2..932f868 100644 --- a/security/keys/trusted_defined.c +++ b/security/keys/trusted_defined.c @@ -511,7 +511,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, /* get session for sealing key */ ret = osap(tb, &sess, keyauth, keytype, keyhandle); if (ret < 0) - return ret; + goto out; dump_sess(&sess); /* calculate encrypted authorization value */ @@ -519,11 +519,11 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE); ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash); if (ret < 0) - return ret; + goto out; ret = tpm_get_random(tb, td->nonceodd, TPM_NONCE_SIZE); if (ret < 0) - return ret; + goto out; ordinal = htonl(TPM_ORD_SEAL); datsize = htonl(datalen); pcrsize = htonl(pcrinfosize); @@ -552,7 +552,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, &datsize, datalen, data, 0, 0); } if (ret < 0) - return ret; + goto out; /* build and send the TPM request packet */ INIT_BUF(tb); @@ -572,7 +572,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE); if (ret < 0) - return ret; + goto out; /* calculate the size of the returned Blob */ sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t)); @@ -591,6 +591,8 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize); *bloblen = storedsize; } +out: + kfree(td); return ret; } |