crypto: drbg - always try to free Jitter RNG instance

The Jitter RNG is unconditionally allocated as a seed source follwoing
the patch 97f2650e5040. Thus, the instance must always be deallocated.

Reported-by: syzbot+2e635807decef724a1fa@syzkaller.appspotmail.com
Fixes: 97f2650e5040 ("crypto: drbg - always seeded with SP800-90B ...")
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

diff --git a/crypto/drbg.c b/crypto/drbg.c
index 37526eb8c5d571c7ac10266914a1d89bbb39f5ff..8d80d93cab9708dc285b213ee3c0986436ca7055 100644 (file)
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1631,10 +1631,12 @@ static int drbg_uninstantiate(struct drbg_state *drbg)
        if (drbg->random_ready.func) {
                del_random_ready_callback(&drbg->random_ready);
                cancel_work_sync(&drbg->seed_work);
-               crypto_free_rng(drbg->jent);
-               drbg->jent = NULL;
        }
 
+       if (!IS_ERR_OR_NULL(drbg->jent))
+               crypto_free_rng(drbg->jent);
+       drbg->jent = NULL;
+
        if (drbg->d_ops)
                drbg->d_ops->crypto_fini(drbg);
        drbg_dealloc_state(drbg);