From 39419ef7af0916cc3620ecf1ed42d29659109bf3 Mon Sep 17 00:00:00 2001
From: GUO Zihua <guozihua@huawei.com>
Date: Fri, 11 Nov 2022 18:13:17 +0800
Subject: [PATCH] integrity: Fix memory leakage in keyring allocation error path
Git-commit: 39419ef7af0916cc3620ecf1ed42d29659109bf3
Patch-mainline: v6.2-rc1
References: git-fixes
Key restriction is allocated in integrity_init_keyring(). However, if
keyring allocation failed, it is not freed, causing memory leaks.
Fixes: 2b6aa412ff23 ("KEYS: Use structure to capture key restriction function and data")
Signed-off-by: GUO Zihua <guozihua@huawei.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Acked-by: Takashi Iwai <tiwai@suse.de>
---
security/integrity/digsig.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -122,6 +122,7 @@ int __init integrity_init_keyring(const
{
struct key_restriction *restriction;
key_perm_t perm;
+ int ret;
perm = (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW
| KEY_USR_READ | KEY_USR_SEARCH;
@@ -142,7 +143,10 @@ int __init integrity_init_keyring(const
perm |= KEY_USR_WRITE;
out:
- return __integrity_init_keyring(id, perm, restriction);
+ ret = __integrity_init_keyring(id, perm, restriction);
+ if (ret)
+ kfree(restriction);
+ return ret;
}
static int __init integrity_add_key(const unsigned int id, const void *data,