crypto: drbg - fix error return code in drbg_alloc_state()

commit e0664ebcea6ac5e16da703409fb4bd61f8cd37d9 upstream.

Fix to return negative error code -ENOMEM from the kzalloc error handling
case instead of 0, as done elsewhere in this function.

Reported-by: Xiumei Mu <xmu@redhat.com>
Fixes: db07cd26ac6a ("crypto: drbg - add FIPS 140-2 CTRNG for noise source")
Cc: <stable@vger.kernel.org>
Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
Reviewed-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/crypto/drbg.c b/crypto/drbg.c
index b6929eb..04379ca 100644 (file)
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1294,8 +1294,10 @@ static inline int drbg_alloc_state(struct drbg_state *drbg)
        if (IS_ENABLED(CONFIG_CRYPTO_FIPS)) {
                drbg->prev = kzalloc(drbg_sec_strength(drbg->core->flags),
                                     GFP_KERNEL);
-               if (!drbg->prev)
+               if (!drbg->prev) {
+                       ret = -ENOMEM;
                        goto fini;
+               }
                drbg->fips_primed = false;
        }