Linux-Integrity Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] ima: more careful error checking in restore_template_fmt()
@ 2020-02-12 14:41 Konsta Karsisto
  0 siblings, 0 replies; only message in thread
From: Konsta Karsisto @ 2020-02-12 14:41 UTC (permalink / raw)
  To: linux-integrity; +Cc: Konsta Karsisto

Fix a case where a failure in strdup() after a successful kzalloc()
could lead to a crash later on. Also, change the function signature
to allow returning an error code, which can be returned a the return
value of ima_restore_measurement_list().

Signed-off-by: Konsta Karsisto <konsta.karsisto@gmail.com>
---

Unfortunately, I'm not familiar with the ima kexec cofiguration,
and thus this has been compile tested only.

 security/integrity/ima/ima_template.c | 22 +++++++++++++---------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 6aa6408603e3..6b1964cbcbf5 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -270,7 +270,7 @@ int __init ima_init_template(void)
 	return result;
 }
 
-static struct ima_template_desc *restore_template_fmt(char *template_name)
+static int restore_template_fmt(char *template_name, struct ima_template_desc **returned_desc)
 {
 	struct ima_template_desc *template_desc = NULL;
 	int ret;
@@ -279,23 +279,27 @@ static struct ima_template_desc *restore_template_fmt(char *template_name)
 	if (ret < 0) {
 		pr_err("attempting to initialize the template \"%s\" failed\n",
 			template_name);
-		goto out;
+		return ret;
 	}
 
 	template_desc = kzalloc(sizeof(*template_desc), GFP_KERNEL);
 	if (!template_desc)
-		goto out;
+		return -ENOMEM;
 
 	template_desc->name = "";
 	template_desc->fmt = kstrdup(template_name, GFP_KERNEL);
-	if (!template_desc->fmt)
-		goto out;
+	if (!template_desc->fmt) {
+		kfree(template_desc);
+		return -ENOMEM;
+	}
 
 	spin_lock(&template_list);
 	list_add_tail_rcu(&template_desc->list, &defined_templates);
 	spin_unlock(&template_list);
-out:
-	return template_desc;
+
+	*returned_desc = template_desc;
+
+	return 0;
 }
 
 static int ima_restore_template_data(struct ima_template_desc *template_desc,
@@ -421,8 +425,8 @@ int ima_restore_measurement_list(loff_t size, void *buf)
 
 		template_desc = lookup_template_desc(template_name);
 		if (!template_desc) {
-			template_desc = restore_template_fmt(template_name);
-			if (!template_desc)
+			ret = restore_template_fmt(template_name, &template_desc);
+			if (ret < 0)
 				break;
 		}
 
-- 
2.17.1


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-02-12 14:41 [PATCH] ima: more careful error checking in restore_template_fmt() Konsta Karsisto

Linux-Integrity Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-integrity/0 linux-integrity/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-integrity linux-integrity/ https://lore.kernel.org/linux-integrity \
		linux-integrity@vger.kernel.org
	public-inbox-index linux-integrity

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-integrity


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git