From patchwork Thu Apr 29 18:37:42 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ben Boeckel X-Patchwork-Id: 12231653 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EEFD7C43462 for ; Thu, 29 Apr 2021 18:38:02 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id C4EA460241 for ; Thu, 29 Apr 2021 18:38:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S241217AbhD2Sir (ORCPT ); Thu, 29 Apr 2021 14:38:47 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:37977 "EHLO out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241205AbhD2Siq (ORCPT ); Thu, 29 Apr 2021 14:38:46 -0400 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id C0FF05C0053; Thu, 29 Apr 2021 14:37:58 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 29 Apr 2021 14:37:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benboeckel.net; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; s=fm1; bh=uriAVbHcyeM+B 1o/h2ruNXHybSYxxHjmI5LYBV1QufE=; b=DZJD1Ze/bLbNMJG9DTw26HDB+vAIA zU4RafHf+mRvQzTd+Xq950ZB6INis3uQOx5fPetIl64G7vVZjGfdUARszNxUT51B Zlm6pQgZb4z6I63aMRnolilenzdxp/Xt0mFVICZKpA6HWtkzVfruY4OlElmmhczm HNWpmbd5bMOQgTtTXkCivgnFlRVvHh0ZYaGb2rJGN3Qiy9zD/iXRci2IWdRoQFMx eM0KunesylJNOgYmREqsjYHXA5KZIAyxHuWk0qTOrsqGWUdrEBYt7WTg1PCVQSy0 yYTsPQ9vqLr2Jjv7jFjvVaTg2EPFIzjcWXlFrOrs8i+yzbueoxYvmPtgg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :in-reply-to:message-id:mime-version:references:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; bh=uriAVbHcyeM+B1o/h2ruNXHybSYxxHjmI5LYBV1QufE=; b=pZuqXItE CZ8u1ppw5DY+NN5QhmCgT4KNAzZRzj961npCgUWE4A9fbb7da5wPkZYH4gfhSkxY 0nDomicrndJVkbHobO8EGir7L/Lul1neP9wGWyNAL4ettei82OvhvREF+7ePFeC1 JgYrIKwu79WF5S+QuhR2Of5BXNuR+/zNdBk3mlFbnx6KnW3w1inniZdauaaj8WCp Kr4ct+HNd0/58a+FYKW3s89OcjSmQHm3INP/22jdjaCkYW/qSkolHr0nFYCzOtYx I29CpH84AY3hEJ4qt1zLTu8PRtJq6QHKxIEfWUXXlRXb+hJ/jX0X25hve0E3bT4e wvM3A5lqdSuwIg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrvddvgedguddvkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefhvffufffkofgjfhgggfestdekredtredttdenucfhrhhomhepuegvnhcu uehovggtkhgvlhcuoehmvgessggvnhgsohgvtghkvghlrdhnvghtqeenucggtffrrghtth gvrhhnpeffkeehlefgteelgefhheekfeeigeffledtkefhveeifeehledtffehkeeuheek heenucfkphepvdegrdduieelrddvtddrvdehheenucevlhhushhtvghrufhiiigvpedtne curfgrrhgrmhepmhgrihhlfhhrohhmpehmvgessggvnhgsohgvtghkvghlrdhnvght X-ME-Proxy: Received: from localhost (unknown [24.169.20.255]) by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 29 Apr 2021 14:37:58 -0400 (EDT) From: Ben Boeckel To: keyrings@vger.kernel.org Cc: Ben Boeckel , James Bottomley , linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, Dan Carpenter Subject: [PATCH 1/1] trusted-keys: match tpm_get_ops on all return paths Date: Thu, 29 Apr 2021 14:37:42 -0400 Message-Id: <20210429183742.756766-2-list.lkml.keyrings@me.benboeckel.net> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210429183742.756766-1-list.lkml.keyrings@me.benboeckel.net> References: <20210429183742.756766-1-list.lkml.keyrings@me.benboeckel.net> MIME-Version: 1.0 Precedence: bulk List-ID: From: Ben Boeckel The `tpm_get_ops` call at the beginning of the function is not paired with a `tpm_put_ops` on this return path. Fixes: f2219745250f ("security: keys: trusted: use ASN.1 TPM2 key format for the blobs") Reported-by: Dan Carpenter Signed-off-by: Ben Boeckel --- security/keys/trusted-keys/trusted_tpm2.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 617fabd4d913..25c2c4d564de 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -335,8 +335,10 @@ int tpm2_seal_trusted(struct tpm_chip *chip, else rc = -EPERM; } - if (blob_len < 0) + if (blob_len < 0) { + tpm_put_ops(chip); return blob_len; + } payload->blob_len = blob_len;