lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3ac3fd6a-755e-4829-bc56-234f5b0f35e4@web.de>
Date: Sat, 12 Oct 2024 17:10:26 +0200
From: Markus Elfring <Markus.Elfring@....de>
To: linux-crypto@...r.kernel.org, kernel-janitors@...r.kernel.org,
 Andrew Morton <akpm@...ux-foundation.org>,
 Herbert Xu <herbert@...dor.apana.org.au>,
 Peter Zijlstra <peterz@...radead.org>
Cc: LKML <linux-kernel@...r.kernel.org>
Subject: [PATCH v3 3/3] lib/digsig: Use scope-based resource management for
 two variables in digsig_verify_rsa()

From: Markus Elfring <elfring@...rs.sourceforge.net>
Date: Sat, 12 Oct 2024 15:28:22 +0200

Scope-based resource management became supported for some
programming interfaces by contributions of Peter Zijlstra on 2023-05-26.
See also the commit 54da6a0924311c7cf5015533991e44fb8eb12773 ("locking:
Introduce __cleanup() based infrastructure").

* Thus use the attribute “__free(kfree)”.

* Reduce the scopes for the local variables “out1” and “p”.

* Omit explicit kfree() calls accordingly.

* Add a jump target.

Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net>
---

V3:
Further adjustments were provided for the demonstration of an evolving
programming interface.


 lib/digsig.c | 87 +++++++++++++++++++++++++---------------------------
 1 file changed, 42 insertions(+), 45 deletions(-)

diff --git a/lib/digsig.c b/lib/digsig.c
index 2481120094ab..1a24677af643 100644
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -73,10 +73,9 @@ static int digsig_verify_rsa(struct key *key,
 	unsigned long mlen, mblen;
 	unsigned int l;
 	int head, i;
-	unsigned char *out1 = NULL;
 	const char *m;
 	MPI pkey[2];
-	uint8_t *p, *datap;
+	uint8_t *datap;
 	const uint8_t *endp;
 	const struct user_key_payload *ukp;
 	struct pubkey_hdr *pkh;
@@ -126,58 +125,56 @@ static int digsig_verify_rsa(struct key *key,
 	}

 	err = -ENOMEM;
-
-	out1 = kzalloc(mlen, GFP_KERNEL);
-	if (!out1)
-		goto free_keys;
-
 	{
-		unsigned int nret = siglen;
-		MPI in __free(mpi_free) = mpi_read_from_buffer(sig, &nret);
-
-		if (IS_ERR(in)) {
-			err = PTR_ERR(in);
-			goto in_exit;
-		}
+		unsigned char *out1 __free(kfree) = kzalloc(mlen, GFP_KERNEL);

+		if (out1)
 		{
-			MPI res __free(mpi_free) = mpi_alloc(mpi_get_nlimbs(in) * 2);
-
-			if (!res)
-				goto res_exit;
-
-			err = mpi_powm(res, in, pkey[1], pkey[0]);
-			if (err)
-				goto res_exit;
-
-			if (mpi_get_nlimbs(res) * BYTES_PER_MPI_LIMB > mlen) {
-				err = -EINVAL;
-				goto res_exit;
-			}
+			unsigned int nret = siglen;
+			MPI in __free(mpi_free) = mpi_read_from_buffer(sig, &nret);

-			p = mpi_get_buffer(res, &l, NULL);
-			if (!p) {
-				err = -EINVAL;
-				goto res_exit;
+			if (IS_ERR(in)) {
+				err = PTR_ERR(in);
+				goto in_exit;
 			}

-			len = mlen;
-			head = len - l;
-			memset(out1, 0, head);
-			memcpy(out1 + head, p, l);
-
-			kfree(p);
-
-			m = pkcs_1_v1_5_decode_emsa(out1, len, mblen, &len);
-
-			if (!m || len != hlen || memcmp(m, h, hlen))
-				err = -EINVAL;
+			{
+				MPI res __free(mpi_free) = mpi_alloc(mpi_get_nlimbs(in) * 2);
+
+				if (!res)
+					goto res_exit;
+
+				err = mpi_powm(res, in, pkey[1], pkey[0]);
+				if (err)
+					goto res_exit;
+
+				if (mpi_get_nlimbs(res) * BYTES_PER_MPI_LIMB > mlen) {
+					err = -EINVAL;
+					goto res_exit;
+				}
+
+				{
+					uint8_t *p __free(kfree) = mpi_get_buffer(res, &l, NULL);
+
+					if (!p) {
+						err = -EINVAL;
+						goto p_exit;
+					}
+
+					len = mlen;
+					head = len - l;
+					memset(out1, 0, head);
+					memcpy(out1 + head, p, l);
+					m = pkcs_1_v1_5_decode_emsa(out1, len, mblen, &len);
+					if (!m || len != hlen || memcmp(m, h, hlen))
+						err = -EINVAL;
+p_exit:
+				}
 res_exit:
-		}
+			}
 in_exit:
+		}
 	}
-
-	kfree(out1);
 free_keys:
 	while (--i >= 0)
 		mpi_free(pkey[i]);
--
2.46.1


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ