summaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_init.c
diff options
context:
space:
mode:
authorRoberto Sassu <roberto.sassu@polito.it>2013-12-02 19:40:34 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2013-12-03 02:46:56 +0100
commita7ed7c60e14df5b986f93549717235b882643e7e (patch)
tree7e615a0664541d91f99c5875164b335b74fd8d8d /security/integrity/ima/ima_init.c
parentima: Do not free 'entry' before it is initialized (diff)
downloadlinux-a7ed7c60e14df5b986f93549717235b882643e7e.tar.xz
linux-a7ed7c60e14df5b986f93549717235b882643e7e.zip
ima: properly free ima_template_entry structures
The new templates management mechanism records information associated to an event into an array of 'ima_field_data' structures and makes it available through the 'template_data' field of the 'ima_template_entry' structure (the element of the measurements list created by IMA). Since 'ima_field_data' contains dynamically allocated data (which length varies depending on the data associated to a selected template field), it is not enough to just free the memory reserved for a 'ima_template_entry' structure if something goes wrong. This patch creates the new function ima_free_template_entry() which walks the array of 'ima_field_data' structures, frees the memory referenced by the 'data' pointer and finally the space reserved for the 'ima_template_entry' structure. Further, it replaces existing kfree() that have a pointer to an 'ima_template_entry' structure as argument with calls to the new function. Fixes: a71dc65: ima: switch to new template management mechanism Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Diffstat (limited to 'security/integrity/ima/ima_init.c')
-rw-r--r--security/integrity/ima/ima_init.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index 76b8e2c4fd38..37122768554a 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -75,7 +75,7 @@ static void __init ima_add_boot_aggregate(void)
result = ima_store_template(entry, violation, NULL,
boot_aggregate_name);
if (result < 0)
- kfree(entry);
+ ima_free_template_entry(entry);
return;
err_out:
integrity_audit_msg(AUDIT_INTEGRITY_PCR, NULL, boot_aggregate_name, op,