ANDROID: fips140: check for errors from initcalls Check for errors when executing the initcalls so that we can't fail to register some algorithms without noticing. Bug: 153614920 Bug: 188620248 Change-Id: I8e55de3d7624c6700f161c92705d0f6f874476d8 Signed-off-by: Eric Biggers <ebiggers@google.com>

commit: 0af06624eadc7812b185a53b2ccc46a565ec3cf6 [log] [tgz]
author: Eric Biggers <ebiggers@google.com> Thu Jul 08 14:46:43 2021 -0700
committer: Ard Biesheuvel <ardb@google.com> Mon Jul 12 10:49:28 2021 +0000
tree: aa370054fc27959f24da97d9d8d88995b111e7f8
parent: 92de53472e689a94e3e7840b13001da091c0ccaa [diff] [blame]
diff --git a/crypto/fips140-module.c b/crypto/fips140-module.c
index 8d8e723..a0e199b 100644
--- a/crypto/fips140-module.c
+++ b/crypto/fips140-module.c

@@ -539,8 +539,17 @@ fips140_init(void)
 	     initcall < &__initcall_end_marker;
 	     initcall++) {
 		int (*init)(void) = offset_to_ptr(initcall);
+		int err = init();
 
-		init();
+		/*
+		 * ENODEV is expected from initcalls that only register
+		 * algorithms that depend on non-present CPU features.  Besides
+		 * that, errors aren't expected here.
+		 */
+		if (err && err != -ENODEV) {
+			pr_err("initcall %ps() failed: %d\n", init, err);
+			goto panic;
+		}
 	}
 
 	if (!update_live_fips140_algos())
commit	0af06624eadc7812b185a53b2ccc46a565ec3cf6	[log] [tgz]
author	Eric Biggers <ebiggers@google.com>	Thu Jul 08 14:46:43 2021 -0700
committer	Ard Biesheuvel <ardb@google.com>	Mon Jul 12 10:49:28 2021 +0000
tree	aa370054fc27959f24da97d9d8d88995b111e7f8
parent	92de53472e689a94e3e7840b13001da091c0ccaa [diff] [blame]