summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorGUO Zihua <guozihua@huawei.com>2022-11-11 18:13:17 +0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2022-12-31 13:14:10 +0100
commit29d6c69ba4b96a1de0376e44e5f8b38b13ec8803 (patch)
treeefd4c4a582edb30c74eaa9bcec84b2b7ede6e24c /security
parent8e6df9571744e27bb1e2cf9f1ce896efcbe6c21f (diff)
downloadlinux-29d6c69ba4b96a1de0376e44e5f8b38b13ec8803.tar.gz
linux-29d6c69ba4b96a1de0376e44e5f8b38b13ec8803.tar.bz2
linux-29d6c69ba4b96a1de0376e44e5f8b38b13ec8803.zip
integrity: Fix memory leakage in keyring allocation error path
[ Upstream commit 39419ef7af0916cc3620ecf1ed42d29659109bf3 ] Key restriction is allocated in integrity_init_keyring(). However, if keyring allocation failed, it is not freed, causing memory leaks. Fixes: 2b6aa412ff23 ("KEYS: Use structure to capture key restriction function and data") Signed-off-by: GUO Zihua <guozihua@huawei.com> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/integrity/digsig.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index 3b06a01bd0fd..aa93b750a9f3 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -122,6 +122,7 @@ int __init integrity_init_keyring(const unsigned int id)
{
struct key_restriction *restriction;
key_perm_t perm;
+ int ret;
perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW
| KEY_USR_READ | KEY_USR_SEARCH;
@@ -142,7 +143,10 @@ int __init integrity_init_keyring(const unsigned int id)
perm |= KEY_USR_WRITE;
out:
- return __integrity_init_keyring(id, perm, restriction);
+ ret = __integrity_init_keyring(id, perm, restriction);
+ if (ret)
+ kfree(restriction);
+ return ret;
}
static int __init integrity_add_key(const unsigned int id, const void *data,
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-06 19:49:12 +0000