From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Tyler Hicks <tyhicks@linux.microsoft.com>,
Mimi Zohar <zohar@linux.ibm.com>, Gou Hao <gouhao@uniontech.com>
Subject: [PATCH 4.19 13/25] ima: Free the entire rule when deleting a list of rules
Date: Mon, 3 Oct 2022 09:12:16 +0200 [thread overview]
Message-ID: <20221003070715.800430612@linuxfoundation.org> (raw)
In-Reply-To: <20221003070715.406550966@linuxfoundation.org>
From: Tyler Hicks <tyhicks@linux.microsoft.com>
commit 465aee77aae857b5fcde56ee192b33dc369fba04 upstream.
Create a function, ima_free_rule(), to free all memory associated with
an ima_rule_entry. Use the new function to fix memory leaks of allocated
ima_rule_entry members, such as .fsname and .keyrings, when deleting a
list of rules.
Make the existing ima_lsm_free_rule() function specific to the LSM
audit rule array of an ima_rule_entry and require that callers make an
additional call to kfree to free the ima_rule_entry itself.
This fixes a memory leak seen when loading by a valid rule that contains
an additional piece of allocated memory, such as an fsname, followed by
an invalid rule that triggers a policy load failure:
# echo -e "dont_measure fsname=securityfs\nbad syntax" > \
/sys/kernel/security/ima/policy
-bash: echo: write error: Invalid argument
# echo scan > /sys/kernel/debug/kmemleak
# cat /sys/kernel/debug/kmemleak
unreferenced object 0xffff9bab67ca12c0 (size 16):
comm "bash", pid 684, jiffies 4295212803 (age 252.344s)
hex dump (first 16 bytes):
73 65 63 75 72 69 74 79 66 73 00 6b 6b 6b 6b a5 securityfs.kkkk.
backtrace:
[<00000000adc80b1b>] kstrdup+0x2e/0x60
[<00000000d504cb0d>] ima_parse_add_rule+0x7d4/0x1020
[<00000000444825ac>] ima_write_policy+0xab/0x1d0
[<000000002b7f0d6c>] vfs_write+0xde/0x1d0
[<0000000096feedcf>] ksys_write+0x68/0xe0
[<0000000052b544a2>] do_syscall_64+0x56/0xa0
[<000000007ead1ba7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
Fixes: f1b08bbcbdaf ("ima: define a new policy condition based on the filesystem name")
Fixes: 2b60c0ecedf8 ("IMA: Read keyrings= option from the IMA policy")
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Cc: <stable@vger.kernel.org> # 4.19+
Signed-off-by: Gou Hao <gouhao@uniontech.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/integrity/ima/ima_policy.c | 23 ++++++++++++++++-------
1 file changed, 16 insertions(+), 7 deletions(-)
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -241,6 +241,21 @@ static int __init default_appraise_polic
}
__setup("ima_appraise_tcb", default_appraise_policy_setup);
+static void ima_free_rule(struct ima_rule_entry *entry)
+{
+ int i;
+
+ if (!entry)
+ return;
+
+ kfree(entry->fsname);
+ for (i = 0; i < MAX_LSM_RULES; i++) {
+ security_filter_rule_free(entry->lsm[i].rule);
+ kfree(entry->lsm[i].args_p);
+ }
+ kfree(entry);
+}
+
/*
* The LSM policy can be reloaded, leaving the IMA LSM based rules referring
* to the old, stale LSM policy. Update the IMA LSM based rules to reflect
@@ -1040,17 +1055,11 @@ ssize_t ima_parse_add_rule(char *rule)
void ima_delete_rules(void)
{
struct ima_rule_entry *entry, *tmp;
- int i;
temp_ima_appraise = 0;
list_for_each_entry_safe(entry, tmp, &ima_temp_rules, list) {
- for (i = 0; i < MAX_LSM_RULES; i++) {
- security_filter_rule_free(entry->lsm[i].rule);
- kfree(entry->lsm[i].args_p);
- }
-
list_del(&entry->list);
- kfree(entry);
+ ima_free_rule(entry);
}
}
next prev parent reply other threads:[~2022-10-03 8:25 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-03 7:12 [PATCH 4.19 00/25] 4.19.261-rc1 review Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 01/25] uas: add no-uas quirk for Hiksemi usb_disk Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 02/25] usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 03/25] uas: ignore UAS for Thinkplus chips Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 04/25] net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 05/25] ARM: dts: integrator: Tag PCI host with device_type Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 06/25] ntfs: fix BUG_ON in ntfs_lookup_inode_by_name() Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 07/25] libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205 Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 08/25] mmc: moxart: fix 4-bit bus width and remove 8-bit bus width Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 09/25] mm/page_alloc: fix race condition between build_all_zonelists and page allocation Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 10/25] mm: prevent page_frag_alloc() from corrupting the memory Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 11/25] mm/migrate_device.c: flush TLB while holding PTL Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 12/25] ima: Have the LSM free its audit rule Greg Kroah-Hartman
2022-10-03 7:12 ` Greg Kroah-Hartman [this message]
2022-10-03 7:12 ` [PATCH 4.19 14/25] ima: Free the entire rule if it fails to parse Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 15/25] soc: sunxi: sram: Actually claim SRAM regions Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 16/25] soc: sunxi: sram: Prevent the driver from being unbound Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 17/25] soc: sunxi: sram: Fix probe function ordering issues Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 18/25] soc: sunxi: sram: Fix debugfs info for A64 SRAM C Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 19/25] Revert "drm: bridge: analogix/dp: add panel prepare/unprepare in suspend/resume time" Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 20/25] Input: melfas_mip4 - fix return value check in mip4_probe() Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 21/25] usbnet: Fix memory leak in usbnet_disconnect() Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 22/25] nvme: add new line after variable declatation Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 23/25] nvme: Fix IOC_PR_CLEAR and IOC_PR_RELEASE ioctls for nvme devices Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 24/25] selftests: Fix the if conditions of in test_extra_filter() Greg Kroah-Hartman
2022-10-03 7:12 ` [PATCH 4.19 25/25] clk: iproc: Do not rely on node name for correct PLL setup Greg Kroah-Hartman
2022-10-03 11:31 ` [PATCH 4.19 00/25] 4.19.261-rc1 review Jon Hunter
2022-10-03 12:51 ` Slade Watkins
2022-10-03 13:49 ` Pavel Machek
2022-10-03 14:00 ` Greg Kroah-Hartman
2022-10-03 14:21 ` Pavel Machek
2022-10-03 17:53 ` Guenter Roeck
2022-10-03 22:02 ` Shuah Khan
2022-10-04 8:58 ` Naresh Kamboju
2022-10-04 11:28 ` Sudip Mukherjee (Codethink)
2022-10-07 14:41 ` zhouzhixiu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221003070715.800430612@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=gouhao@uniontech.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tyhicks@linux.microsoft.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.