diff options
author | Casey Schaufler <casey@schaufler-ca.com> | 2018-06-01 10:45:12 -0700 |
---|---|---|
committer | Casey Schaufler <casey@schaufler-ca.com> | 2018-06-05 12:16:01 -0700 |
commit | 0f8983cf97d3327531b7843c831517cac3a1b9ed (patch) | |
tree | 04978f906764ad6794bf824545ff6b35542f443c /security | |
parent | b3859ee18ed287170b66b19a78191f7312ec3470 (diff) |
Smack: Fix memory leak in smack_inode_getsecctx
Fix memory leak in smack_inode_getsecctx
The implementation of smack_inode_getsecctx() made
incorrect assumptions about how Smack presents a security
context. Smack does not need to allocate memory to support
security contexts, so "releasing" a Smack context is a no-op.
The code made an unnecessary copy and returned that as a
context, which was never freed. The revised implementation
returns the context correctly.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reported-by: CHANDAN VN <chandan.vn@samsung.com>
Tested-by: CHANDAN VN <chandan.vn@samsung.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/smack/smack_lsm.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 0b414836bebd..5e3beae334a8 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -1545,9 +1545,9 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer, */ static void smack_inode_getsecid(struct inode *inode, u32 *secid) { - struct inode_smack *isp = inode->i_security; + struct smack_known *skp = smk_of_inode(inode); - *secid = isp->smk_inode->smk_secid; + *secid = skp->smk_secid; } /* @@ -4538,12 +4538,10 @@ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen) static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen) { - int len = 0; - len = smack_inode_getsecurity(inode, XATTR_SMACK_SUFFIX, ctx, true); + struct smack_known *skp = smk_of_inode(inode); - if (len < 0) - return len; - *ctxlen = len; + *ctx = skp->smk_known; + *ctxlen = strlen(skp->smk_known); return 0; } |