[Drbd-dev] [PATCH] drbd: correctly handling failed crypto_alloc_hash

[Lars Ellenberg]

On Mon, Feb 15, 2016 at 09:26:25PM -0500, Insu Yun wrote:
> crypto_alloc_hash returns an error code, not NULL.

You are correct, of course. Was broken since its introduction
five years ago. Strange though, we have a helper function further
down in that file, and other, even much older, call sites as well,
which are doing the IS_ERR() correctly.
Apparently no-one ever requested a non-supported alg.

> Signed-off-by: Insu Yun <wuninsu at gmail.com>
> ---
>  drivers/block/drbd/drbd_receiver.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
> index 1957fe8..9063462 100644
> --- a/drivers/block/drbd/drbd_receiver.c
> +++ b/drivers/block/drbd/drbd_receiver.c
> @@ -3403,7 +3403,7 @@ static int receive_protocol(struct drbd_connection *connection, struct packet_in
>  		 */
>  
>  		peer_integrity_tfm = crypto_alloc_hash(integrity_alg, 0, CRYPTO_ALG_ASYNC);
> -		if (!peer_integrity_tfm) {
> +		if (IS_ERR(peer_integrity_tfm)) {
>  			drbd_err(connection, "peer data-integrity-alg %s not supported\n",
>  				 integrity_alg);
>  			goto disconnect;

Your patch is incomplete, though:
the first action in the "disconnect" cleanup path is
 crypto_free_hash(peer_integrity_tfm);
so we better make sure it is not trying to free an error pointer:

diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
index c097909..6054c53 100644
--- a/drivers/block/drbd/drbd_receiver.c
+++ b/drivers/block/drbd/drbd_receiver.c
@@ -3376,7 +3376,8 @@ static int receive_protocol(struct drbd_connection *connection, struct packet_in
 		 */
 
 		peer_integrity_tfm = crypto_alloc_hash(integrity_alg, 0, CRYPTO_ALG_ASYNC);
-		if (!peer_integrity_tfm) {
+		if (IS_ERR(peer_integrity_tfm)) {
+			peer_integrity_tfm = NULL;
 			drbd_err(connection, "peer data-integrity-alg %s not supported\n",
 				 integrity_alg);
 			goto disconnect;

Thanks,

   Lars