mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

KEYS: trusted: Rollback init_trusted() consistently 

Do bind neither static calls nor trusted_key_exit() before a successful
init, in order to maintain a consistent state. In addition, depart the
init_trusted() in the case of a real error (i.e. getting back something
else than -ENODEV).

Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Closes: https://lore.kernel.org/linux-integrity/CAHk-=whOPoLaWM8S8GgoOPT7a2+nMH5h3TLKtn=R_3w4R1_Uvg@mail.gmail.com/
Cc: stable@vger.kernel.org # v5.13+
Fixes: 5d0682be31 ("KEYS: trusted: Add generic trusted keys framework")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
This commit is contained in:
Jarkko Sakkinen 2023-10-11 02:08:25 +03:00
parent e017769f4c
commit 31de287345
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
security/keys/trusted-keys/trusted_core.c
View File

@ -358,17 +358,17 @@ static int __init init_trusted(void)
if (!get_random)
get_random = kernel_get_random;
static_call_update(trusted_key_seal,
trusted_key_sources[i].ops->seal);
static_call_update(trusted_key_unseal,
trusted_key_sources[i].ops->unseal);
static_call_update(trusted_key_get_random,
get_random);
trusted_key_exit = trusted_key_sources[i].ops->exit;
migratable = trusted_key_sources[i].ops->migratable;
ret = trusted_key_sources[i].ops->init();
if (!ret)
if (!ret) {
static_call_update(trusted_key_seal, trusted_key_sources[i].ops->seal);
static_call_update(trusted_key_unseal, trusted_key_sources[i].ops->unseal);
static_call_update(trusted_key_get_random, get_random);
trusted_key_exit = trusted_key_sources[i].ops->exit;
migratable = trusted_key_sources[i].ops->migratable;
}
if (!ret || ret != -ENODEV)
break;
}