Skip to content

L
linux
Commit df50c088 authored by Kazunori Miyazawa's avatar Kazunori Miyazawa Committed by David S. Miller
Browse files
Options

[IPSEC]: Fix processing of error from crypto module. 

ESP needs to check for error returns from calls
to crypto_cipher_setkey().
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 526160d9
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 11 deletions
net/ipv4/esp4.c
View file @ df50c088
......@@ -427,7 +427,8 @@ static int esp_init_state(struct xfrm_state *x, void *args)
goto error;
get_random_bytes(esp->conf.ivec, esp->conf.ivlen);
}
crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len);
if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len))
goto error;
x->props.header_len = sizeof(struct ip_esp_hdr) + esp->conf.ivlen;
if (x->props.mode)
x->props.header_len += sizeof(struct iphdr);
......
net/ipv6/esp6.c
View file @ df50c088
......@@ -364,7 +364,8 @@ static int esp6_init_state(struct xfrm_state *x, void *args)
goto error;
get_random_bytes(esp->conf.ivec, esp->conf.ivlen);
}
crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len);
if (crypto_cipher_setkey(esp->conf.tfm, esp->conf.key, esp->conf.key_len))
goto error;
x->props.header_len = sizeof(struct ipv6_esp_hdr) + esp->conf.ivlen;
if (x->props.mode)
x->props.header_len += sizeof(struct ipv6hdr);
......@@ -372,15 +373,9 @@ static int esp6_init_state(struct xfrm_state *x, void *args)
return 0;
error:
if (esp) {
if (esp->auth.tfm)
crypto_free_tfm(esp->auth.tfm);
if (esp->auth.work_icv)
kfree(esp->auth.work_icv);
if (esp->conf.tfm)
crypto_free_tfm(esp->conf.tfm);
kfree(esp);
}
x->data = esp;
esp6_destroy(x);
x->data = NULL;
return -EINVAL;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7