From patchwork Fri Nov 10 20:29:16 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: SF Markus Elfring X-Patchwork-Id: 10053705 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 40FD460365 for ; Fri, 10 Nov 2017 20:29:52 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3635B2B3D1 for ; Fri, 10 Nov 2017 20:29:52 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 292F72B3EB; Fri, 10 Nov 2017 20:29:52 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D41372B3D1 for ; Fri, 10 Nov 2017 20:29:51 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753882AbdKJU3i (ORCPT ); Fri, 10 Nov 2017 15:29:38 -0500 Received: from mout.web.de ([212.227.15.14]:53565 "EHLO mout.web.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753648AbdKJU3g (ORCPT ); Fri, 10 Nov 2017 15:29:36 -0500 Received: from [192.168.1.3] ([77.182.5.151]) by smtp.web.de (mrweb002 [213.165.67.108]) with ESMTPSA (Nemesis) id 0MQO44-1eeqQs36QW-00Tpac; Fri, 10 Nov 2017 21:29:19 +0100 Subject: [PATCH 1/2] KEYS: trusted: Use common error handling code in trusted_update() From: SF Markus Elfring To: keyrings@vger.kernel.org, linux-integrity@vger.kernel.org, linux-security-module@vger.kernel.org, David Howells , James Morris , Mimi Zohar , "Serge E. Hallyn" Cc: LKML , kernel-janitors@vger.kernel.org References: <479805df-edaf-1e9a-57be-d7c4f38e9d31@users.sourceforge.net> Message-ID: <658d88c1-b29b-cf8c-2ce0-8a2755ec9f33@users.sourceforge.net> Date: Fri, 10 Nov 2017 21:29:16 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <479805df-edaf-1e9a-57be-d7c4f38e9d31@users.sourceforge.net> Content-Language: en-GB X-Provags-ID: V03:K0:fqjAGBRRXgkSmpm7U8HiASiCxG31GpIwfi5NkD7lcyhImgrTYxJ Mx23mz2Vmky++gvBEVoaCyISTAVcBDougNC/gtlhKGKyWKKWC/iagFVTVPxEWc6d6e3Zz2d b59l8KJ5sNq9nNNRt5CSZsy/cZuv1m1ZBKctum9YrEL/iogEofQ1RCN0xAkczYyJXiNcP/7 4Vq5RFUI/vLjqcW9vFQ2A== X-UI-Out-Filterresults: notjunk:1; V01:K0:034iewCQ1uE=:40H/kDUBqGK2O+Bu3CQyY/ Tiz0oGlDUS41KT3XFPoHDR/faaLIn7AtYD86UoJlFw1TJySEUIw9M33uTsVVnTeJ/6nEW749O vpMei6szCr3nZvCBfuDxExGpj2uqICO+S/7DuCKHptpYfW82UKFzzwDTBVSaOcp+Gn0Lx5YPU imUyIr5qE9cFZwOBIz5VXoMVtQntSV00aPkcGYrNZlNFph245MchwCtH4BpoGqgVdW/elIqZj m/i+8+Xe8l6RBEsR0PZwoLxg9ZDRLSYRmQlWLQRWGen4jZpwlTVOuuqSQaO3mCtK2CuBywHfa 8rdaWznAULS26DHi+vob+tLUy00tERvFzMxnSil4D12Ynt3OeTviEiZyyYpDrb8/ud2k3krJ5 Q2egq/SuPUDUOFvY4GNr2ntJsR8ct7K1JMlIGZorGVg5hkmDv63unyepMrJ2sddg9d/aIThMj HcCBELVbeTFDLiawN8pA0ZgKi8ZykzwuGTpTHyzkCGhoIsJf9FpELXmnMEp4U3+0hr0R1xZ2y 5SEcRvGG4u9NPpGww71yZMI085pVXO5RM4Q1JrJt0eMht32lJQ/UtRBwq3Dop6tnHuy9dU8Jk 7KApgNRsccNh6+9WRlg4A7Jh+0EyNTi8AujKvFwZh8U/F9ibjtzF5LQvhXaCXeLWEG4GIjACY oWy3XThTgk9z5Z4r5/sAEP5WnsCgoP1/VZdxo6+Jhe9EK+z1v/uvb9SlV+/6mWVontQJ3Lc97 XOX8PbkChwpXmtgVnF8us+JC9j1faeeby8GhHc/kggQHo7I9UYHSvIqPftHLenZsMebXVL04h mb6/aANUmWZ95sY4VwXisIenA6oqqTVp7DTKbNCr6qRcGhoivE= Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP From: Markus Elfring Date: Fri, 10 Nov 2017 20:50:15 +0100 Adjust jump targets so that a bit of exception handling can be better reused at the end of this function. This issue was detected by using the Coccinelle software. Signed-off-by: Markus Elfring --- security/keys/trusted.c | 44 ++++++++++++++++++++------------------------ 1 file changed, 20 insertions(+), 24 deletions(-) diff --git a/security/keys/trusted.c b/security/keys/trusted.c index bd85315cbfeb..fd06d0c5323b 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -1078,30 +1078,18 @@ static int trusted_update(struct key *key, struct key_preparsed_payload *prep) if (!datablob) return -ENOMEM; new_o = trusted_options_alloc(); - if (!new_o) { - ret = -ENOMEM; - goto out; - } + if (!new_o) + goto e_nomem; + new_p = trusted_payload_alloc(key); - if (!new_p) { - ret = -ENOMEM; - goto out; - } + if (!new_p) + goto e_nomem; memcpy(datablob, prep->data, datalen); datablob[datalen] = '\0'; ret = datablob_parse(datablob, new_p, new_o); - if (ret != Opt_update) { - ret = -EINVAL; - kzfree(new_p); - goto out; - } - - if (!new_o->keyhandle) { - ret = -EINVAL; - kzfree(new_p); - goto out; - } + if (ret != Opt_update || !new_o->keyhandle) + goto e_inval; /* copy old key values, and reseal with new pcrs */ new_p->migratable = p->migratable; @@ -1113,23 +1101,31 @@ static int trusted_update(struct key *key, struct key_preparsed_payload *prep) ret = key_seal(new_p, new_o); if (ret < 0) { pr_info("trusted_key: key_seal failed (%d)\n", ret); - kzfree(new_p); - goto out; + goto free_payload; } if (new_o->pcrlock) { ret = pcrlock(new_o->pcrlock); if (ret < 0) { pr_info("trusted_key: pcrlock failed (%d)\n", ret); - kzfree(new_p); - goto out; + goto free_payload; } } rcu_assign_keypointer(key, new_p); call_rcu(&p->rcu, trusted_rcu_free); -out: +free_data: kzfree(datablob); kzfree(new_o); return ret; + +e_nomem: + ret = -ENOMEM; + goto free_data; + +e_inval: + ret = -EINVAL; +free_payload: + kzfree(new_p); + goto free_data; } /*