* [PATCH] integrity: Free key restriction when keyring allocation fails
@ 2022-11-09 9:46 GUO Zihua
0 siblings, 0 replies; only message in thread
From: GUO Zihua @ 2022-11-09 9:46 UTC (permalink / raw)
To: zohar, dmitry.kasatkin
Cc: paul, jmorris, serge, linux-integrity, linux-security-module,
linux-kernel
Key restriction is alloced in integrity_init_keyring(). However, if
keyring allocation failed, it is not freed, causing memory leaks.
Signed-off-by: GUO Zihua <guozihua@huawei.com>
---
security/integrity/digsig.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index 8a82a6c7f48a..f2193c531f4a 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -126,6 +126,7 @@ int __init integrity_init_keyring(const unsigned int id)
{
struct key_restriction *restriction;
key_perm_t perm;
+ int ret;
perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW
| KEY_USR_READ | KEY_USR_SEARCH;
@@ -154,7 +155,10 @@ int __init integrity_init_keyring(const unsigned int id)
perm |= KEY_USR_WRITE;
out:
- return __integrity_init_keyring(id, perm, restriction);
+ ret = __integrity_init_keyring(id, perm, restriction);
+ if (ret)
+ kfree(restriction);
+ return ret;
}
static int __init integrity_add_key(const unsigned int id, const void *data,
--
2.17.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-11-09 9:51 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-09 9:46 [PATCH] integrity: Free key restriction when keyring allocation fails GUO Zihua
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.