From 0af06624eadc7812b185a53b2ccc46a565ec3cf6 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Thu, 8 Jul 2021 14:46:43 -0700
Subject: [PATCH] ANDROID: fips140: check for errors from initcalls

Check for errors when executing the initcalls so that we can't fail to
register some algorithms without noticing.

Bug: 153614920
Bug: 188620248
Change-Id: I8e55de3d7624c6700f161c92705d0f6f874476d8
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/fips140-module.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/crypto/fips140-module.c b/crypto/fips140-module.c
index 8d8e723816d9..a0e199b9e8a1 100644
--- a/crypto/fips140-module.c
+++ b/crypto/fips140-module.c
@@ -539,8 +539,17 @@ fips140_init(void)
 	     initcall < &__initcall_end_marker;
 	     initcall++) {
 		int (*init)(void) = offset_to_ptr(initcall);
+		int err = init();
 
-		init();
+		/*
+		 * ENODEV is expected from initcalls that only register
+		 * algorithms that depend on non-present CPU features.  Besides
+		 * that, errors aren't expected here.
+		 */
+		if (err && err != -ENODEV) {
+			pr_err("initcall %ps() failed: %d\n", init, err);
+			goto panic;
+		}
 	}
 
 	if (!update_live_fips140_algos())