mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-09 06:33:34 +00:00
libceph: introduce ceph_x_authorizer_cleanup()
Commit ae385eaf24
("libceph: store session key in cephx authorizer")
introduced ceph_x_authorizer::session_key, but didn't update all the
exit/error paths. Introduce ceph_x_authorizer_cleanup() to encapsulate
ceph_x_authorizer cleanup and switch to it. This fixes ceph_x_destroy(),
which currently always leaks key and ceph_x_build_authorizer() error
paths.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Yan, Zheng <zyan@redhat.com>
This commit is contained in:
parent
5e804ac482
commit
cbf99a11fb
@ -279,6 +279,15 @@ static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
static void ceph_x_authorizer_cleanup(struct ceph_x_authorizer *au)
|
||||
{
|
||||
ceph_crypto_key_destroy(&au->session_key);
|
||||
if (au->buf) {
|
||||
ceph_buffer_put(au->buf);
|
||||
au->buf = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
|
||||
struct ceph_x_ticket_handler *th,
|
||||
struct ceph_x_authorizer *au)
|
||||
@ -297,7 +306,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
|
||||
ceph_crypto_key_destroy(&au->session_key);
|
||||
ret = ceph_crypto_key_clone(&au->session_key, &th->session_key);
|
||||
if (ret)
|
||||
return ret;
|
||||
goto out_au;
|
||||
|
||||
maxlen = sizeof(*msg_a) + sizeof(msg_b) +
|
||||
ceph_x_encrypt_buflen(ticket_blob_len);
|
||||
@ -309,8 +318,8 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
|
||||
if (!au->buf) {
|
||||
au->buf = ceph_buffer_new(maxlen, GFP_NOFS);
|
||||
if (!au->buf) {
|
||||
ceph_crypto_key_destroy(&au->session_key);
|
||||
return -ENOMEM;
|
||||
ret = -ENOMEM;
|
||||
goto out_au;
|
||||
}
|
||||
}
|
||||
au->service = th->service;
|
||||
@ -340,7 +349,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
|
||||
ret = ceph_x_encrypt(&au->session_key, &msg_b, sizeof(msg_b),
|
||||
p, end - p);
|
||||
if (ret < 0)
|
||||
goto out_buf;
|
||||
goto out_au;
|
||||
p += ret;
|
||||
au->buf->vec.iov_len = p - au->buf->vec.iov_base;
|
||||
dout(" built authorizer nonce %llx len %d\n", au->nonce,
|
||||
@ -348,9 +357,8 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
|
||||
BUG_ON(au->buf->vec.iov_len > maxlen);
|
||||
return 0;
|
||||
|
||||
out_buf:
|
||||
ceph_buffer_put(au->buf);
|
||||
au->buf = NULL;
|
||||
out_au:
|
||||
ceph_x_authorizer_cleanup(au);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -624,8 +632,7 @@ static void ceph_x_destroy_authorizer(struct ceph_auth_client *ac,
|
||||
{
|
||||
struct ceph_x_authorizer *au = (void *)a;
|
||||
|
||||
ceph_crypto_key_destroy(&au->session_key);
|
||||
ceph_buffer_put(au->buf);
|
||||
ceph_x_authorizer_cleanup(au);
|
||||
kfree(au);
|
||||
}
|
||||
|
||||
@ -653,8 +660,7 @@ static void ceph_x_destroy(struct ceph_auth_client *ac)
|
||||
remove_ticket_handler(ac, th);
|
||||
}
|
||||
|
||||
if (xi->auth_authorizer.buf)
|
||||
ceph_buffer_put(xi->auth_authorizer.buf);
|
||||
ceph_x_authorizer_cleanup(&xi->auth_authorizer);
|
||||
|
||||
kfree(ac->private);
|
||||
ac->private = NULL;
|
||||
|
@ -16,8 +16,10 @@ struct ceph_crypto_key {
|
||||
|
||||
static inline void ceph_crypto_key_destroy(struct ceph_crypto_key *key)
|
||||
{
|
||||
if (key)
|
||||
if (key) {
|
||||
kfree(key->key);
|
||||
key->key = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
int ceph_crypto_key_clone(struct ceph_crypto_key *dst,
|
||||
|
Loading…
Reference in New Issue
Block a user