From: Mimi Zohar <zohar@linux.ibm.com>
To: Tyler Hicks <tyhicks@linux.microsoft.com>,
Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
Cc: James Morris <jmorris@namei.org>,
"Serge E . Hallyn" <serge@hallyn.com>,
Lakshmi Ramasubramanian <nramas@linux.microsoft.com>,
Prakhar Srivastava <prsriva02@gmail.com>,
linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 03/12] ima: Free the entire rule when deleting a list of rules
Date: Thu, 25 Jun 2020 17:05:09 -0400 [thread overview]
Message-ID: <1593119109.27152.393.camel@linux.ibm.com> (raw)
In-Reply-To: <20200623003236.830149-4-tyhicks@linux.microsoft.com>
On Mon, 2020-06-22 at 19:32 -0500, Tyler Hicks wrote:
> Use ima_free_rule() to fix memory leaks of allocated ima_rule_entry
> members, such as .fsname and .keyrings, when deleting a list of rules.
>
> This fixes a memory leak seen when loading by a valid rule that contains
> an additional piece of allocated memory, such as an fsname, followed by
> an invalid rule that triggers a policy load failure:
>
> # echo -e "dont_measure fsname=securityfs\nbad syntax" > \
> /sys/kernel/security/ima/policy
> -bash: echo: write error: Invalid argument
> # echo scan > /sys/kernel/debug/kmemleak
> # cat /sys/kernel/debug/kmemleak
> unreferenced object 0xffff9bab67ca12c0 (size 16):
> comm "tee", pid 684, jiffies 4295212803 (age 252.344s)
> hex dump (first 16 bytes):
> 73 65 63 75 72 69 74 79 66 73 00 6b 6b 6b 6b a5 securityfs.kkkk.
> backtrace:
> [<00000000adc80b1b>] kstrdup+0x2e/0x60
> [<00000000d504cb0d>] ima_parse_add_rule+0x7d4/0x1020
> [<00000000444825ac>] ima_write_policy+0xab/0x1d0
> [<000000002b7f0d6c>] vfs_write+0xde/0x1d0
> [<0000000096feedcf>] ksys_write+0x68/0xe0
> [<0000000052b544a2>] do_syscall_64+0x56/0xa0
> [<000000007ead1ba7>] entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> Fixes: f1b08bbcbdaf ("ima: define a new policy condition based on the filesystem name")
> Fixes: 2b60c0ecedf8 ("IMA: Read keyrings= option from the IMA policy")
> Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Thanks! Thinking about it some more. It makes more sense to define
ima_free_rule() here in this patch.
Mimi
> ---
> security/integrity/ima/ima_policy.c | 6 +-----
> 1 file changed, 1 insertion(+), 5 deletions(-)
>
> diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
> index 1320333201c6..94ca3b8abb69 100644
> --- a/security/integrity/ima/ima_policy.c
> +++ b/security/integrity/ima/ima_policy.c
> @@ -1431,15 +1431,11 @@ ssize_t ima_parse_add_rule(char *rule)
> void ima_delete_rules(void)
> {
> struct ima_rule_entry *entry, *tmp;
> - int i;
>
> temp_ima_appraise = 0;
> list_for_each_entry_safe(entry, tmp, &ima_temp_rules, list) {
> - for (i = 0; i < MAX_LSM_RULES; i++)
> - kfree(entry->lsm[i].args_p);
> -
> list_del(&entry->list);
> - kfree(entry);
> + ima_free_rule(entry);
> }
> }
>
next prev parent reply other threads:[~2020-06-25 21:05 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-23 0:32 [PATCH 00/12] ima: Fix rule parsing bugs and extend KEXEC_CMDLINE rule support Tyler Hicks
2020-06-23 0:32 ` [PATCH 01/12] ima: Have the LSM free its audit rule Tyler Hicks
2020-06-23 0:55 ` Casey Schaufler
2020-06-23 3:04 ` Tyler Hicks
2020-06-23 23:04 ` Tyler Hicks
2020-06-25 19:41 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 02/12] ima: Create a function to free a rule entry Tyler Hicks
2020-06-25 19:33 ` Mimi Zohar
2020-06-25 19:56 ` Tyler Hicks
2020-06-25 20:32 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 03/12] ima: Free the entire rule when deleting a list of rules Tyler Hicks
2020-06-25 21:05 ` Mimi Zohar [this message]
2020-06-25 21:07 ` Mimi Zohar
2020-06-25 21:08 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 04/12] ima: Free the entire rule if it fails to parse Tyler Hicks
2020-06-23 0:32 ` [PATCH 05/12] ima: Fail rule parsing when buffer hook functions have an invalid action Tyler Hicks
2020-06-25 21:51 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 06/12] ima: Fail rule parsing when the KEXEC_CMDLINE hook is combined with an invalid cond Tyler Hicks
2020-06-25 21:53 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 07/12] ima: Fail rule parsing when the KEY_CHECK " Tyler Hicks
2020-06-23 0:32 ` [PATCH 08/12] ima: Shallow copy the args_p member of ima_rule_entry.lsm elements Tyler Hicks
2020-06-25 21:18 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 09/12] ima: Use correct type for " Tyler Hicks
2020-06-25 21:20 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 10/12] ima: Move validation of the keyrings conditional into ima_validate_rule() Tyler Hicks
2020-06-25 19:50 ` Tyler Hicks
2020-06-25 20:46 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 11/12] ima: Use the common function to detect LSM conditionals in a rule Tyler Hicks
2020-06-25 22:45 ` Mimi Zohar
2020-06-23 0:32 ` [PATCH 12/12] ima: Support additional conditionals in the KEXEC_CMDLINE hook function Tyler Hicks
2020-06-25 22:56 ` Mimi Zohar
2020-06-25 22:59 ` Tyler Hicks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1593119109.27152.393.camel@linux.ibm.com \
--to=zohar@linux.ibm.com \
--cc=dmitry.kasatkin@gmail.com \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=nramas@linux.microsoft.com \
--cc=prsriva02@gmail.com \
--cc=serge@hallyn.com \
--cc=tyhicks@linux.microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).