Commit 617f5e9f authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'v7.0-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 

Pull crypto fixes from Herbert Xu:

 - Fix use-after-free in ccp

 - Fix bug when SEV is disabled in ccp

 - Fix tfm_count leak in atmel-sha204a

* tag 'v7.0-p2' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6:
  crypto: atmel-sha204a - Fix OOM ->tfm_count leak
  crypto: ccp - Fix use-after-free on error path
  crypto: ccp - allow callers to use HV-Fixed page API when SEV is disabled
parents 723b5c93 d240b079

drivers/crypto/atmel-sha204a.c

+3 −2
Original line number Diff line number Diff line
@@ -52,9 +52,10 @@ static int atmel_sha204a_rng_read_nonblocking(struct hwrng *rng, void *data, 
		rng->priv = 0;

	} else {

		work_data = kmalloc_obj(*work_data, GFP_ATOMIC);

		if (!work_data)

		if (!work_data) {

			atomic_dec(&i2c_priv->tfm_count);

			return -ENOMEM;



		}

		work_data->ctx = i2c_priv;

		work_data->client = i2c_priv->client;

drivers/crypto/ccp/sev-dev-tsm.c

+1 −1
Original line number Diff line number Diff line
@@ -378,9 +378,9 @@ void sev_tsm_init_locked(struct sev_device *sev, void *tio_status_page) 
	return;



error_exit:

	kfree(t);

	pr_err("Failed to enable SEV-TIO: ret=%d en=%d initdone=%d SEV=%d\n",

	       ret, t->tio_en, t->tio_init_done, boot_cpu_has(X86_FEATURE_SEV));

	kfree(t);

}



void sev_tsm_uninit(struct sev_device *sev)

drivers/crypto/ccp/sev-dev.c

+4 −6
Original line number Diff line number Diff line
@@ -1105,15 +1105,12 @@ struct page *snp_alloc_hv_fixed_pages(unsigned int num_2mb_pages) 
{

	struct psp_device *psp_master = psp_get_master_device();

	struct snp_hv_fixed_pages_entry *entry;

	struct sev_device *sev;

	unsigned int order;

	struct page *page;



	if (!psp_master || !psp_master->sev_data)

	if (!psp_master)

		return NULL;



	sev = psp_master->sev_data;



	order = get_order(PMD_SIZE * num_2mb_pages);



	/*
@@ -1126,7 +1123,8 @@ struct page *snp_alloc_hv_fixed_pages(unsigned int num_2mb_pages) 
	 * This API uses SNP_INIT_EX to transition allocated pages to HV_Fixed

	 * page state, fail if SNP is already initialized.

	 */

	if (sev->snp_initialized)

	if (psp_master->sev_data &&

	    ((struct sev_device *)psp_master->sev_data)->snp_initialized)

		return NULL;



	/* Re-use freed pages that match the request */
@@ -1162,7 +1160,7 @@ void snp_free_hv_fixed_pages(struct page *page) 
	struct psp_device *psp_master = psp_get_master_device();

	struct snp_hv_fixed_pages_entry *entry, *nentry;



	if (!psp_master || !psp_master->sev_data)

	if (!psp_master)

		return;



	/*