From: Ben Boeckel <[email protected]>
The `tpm_get_ops` call at the beginning of the function is not paired
with a `tpm_put_ops` on this return path.
Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs")
Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Ben Boeckel <[email protected]>
---
security/keys/trusted-keys/trusted_tpm2.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index 617fabd4d913..25c2c4d564de 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -335,8 +335,10 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
else
rc = -EPERM;
}
- if (blob_len < 0)
+ if (blob_len < 0) {
+ tpm_put_ops(chip);
return blob_len;
+ }
payload->blob_len = blob_len;
--
2.30.2
On Thu, 2021-04-29 at 14:37 -0400, Ben Boeckel wrote:
> From: Ben Boeckel <[email protected]>
>
> The `tpm_get_ops` call at the beginning of the function is not paired
> with a `tpm_put_ops` on this return path.
>
> Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key
> format for the blobs")
> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Ben Boeckel <[email protected]>
> ---
> security/keys/trusted-keys/trusted_tpm2.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/security/keys/trusted-keys/trusted_tpm2.c
> b/security/keys/trusted-keys/trusted_tpm2.c
> index 617fabd4d913..25c2c4d564de 100644
> --- a/security/keys/trusted-keys/trusted_tpm2.c
> +++ b/security/keys/trusted-keys/trusted_tpm2.c
> @@ -335,8 +335,10 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
> else
> rc = -EPERM;
> }
> - if (blob_len < 0)
> + if (blob_len < 0) {
> + tpm_put_ops(chip);
> return blob_len;
> + }
>
> payload->blob_len = blob_len;
>
Actually, I think this is a better fix to avoid multiple put and
returns.
James
---
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
index d225ad140960..cbf2a932577b 100644
--- a/security/keys/trusted-keys/trusted_tpm2.c
+++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -336,9 +336,9 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
rc = -EPERM;
}
if (blob_len < 0)
- return blob_len;
-
- payload->blob_len = blob_len;
+ rc = blob_len;
+ else
+ payload->blob_len = blob_len;
tpm_put_ops(chip);
return rc;
On Thu, Apr 29, 2021 at 11:50:50 -0700, James Bottomley wrote:
> Actually, I think this is a better fix to avoid multiple put and
> returns.
>
> James
>
> ---
>
> diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c
> index d225ad140960..cbf2a932577b 100644
> --- a/security/keys/trusted-keys/trusted_tpm2.c
> +++ b/security/keys/trusted-keys/trusted_tpm2.c
> @@ -336,9 +336,9 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
> rc = -EPERM;
> }
> if (blob_len < 0)
> - return blob_len;
> -
> - payload->blob_len = blob_len;
> + rc = blob_len;
> + else
> + payload->blob_len = blob_len;
>
> tpm_put_ops(chip);
> return rc;
Ah, that does look better. I had first added a new label, but that
didn't seem like an improvement in readability. I grabbed this pattern
from an early return earlier in the function. But given that this is the
end (and appears to be unlikely to have more logic inserted in the
future), this seems more reasonable to me as well. Do you want me to
respin or just let it up to you at this point?
Thanks,
--Ben
On Thu, 2021-04-29 at 15:03 -0400, Ben Boeckel wrote:
> On Thu, Apr 29, 2021 at 11:50:50 -0700, James Bottomley wrote:
> > Actually, I think this is a better fix to avoid multiple put and
> > returns.
> >
> > James
> >
> > ---
> >
> > diff --git a/security/keys/trusted-keys/trusted_tpm2.c
> > b/security/keys/trusted-keys/trusted_tpm2.c
> > index d225ad140960..cbf2a932577b 100644
> > --- a/security/keys/trusted-keys/trusted_tpm2.c
> > +++ b/security/keys/trusted-keys/trusted_tpm2.c
> > @@ -336,9 +336,9 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
> > rc = -EPERM;
> > }
> > if (blob_len < 0)
> > - return blob_len;
> > -
> > - payload->blob_len = blob_len;
> > + rc = blob_len;
> > + else
> > + payload->blob_len = blob_len;
> >
> > tpm_put_ops(chip);
> > return rc;
>
> Ah, that does look better. I had first added a new label, but that
> didn't seem like an improvement in readability. I grabbed this
> pattern from an early return earlier in the function. But given that
> this is the end (and appears to be unlikely to have more logic
> inserted in the future), this seems more reasonable to me as well. Do
> you want me to respin or just let it up to you at this point?
Can you respin? ... I'm a bit lossy at the moment due to pressure of
work.
Thanks,
James