| From 45fae7493970d7c45626ccd96d4a74f5f1eea5a9 Mon Sep 17 00:00:00 2001 |
| From: Roberto Sassu <roberto.sassu@polito.it> |
| Date: Mon, 19 Dec 2011 15:57:27 +0100 |
| Subject: ima: free duplicate measurement memory |
| |
| From: Roberto Sassu <roberto.sassu@polito.it> |
| |
| commit 45fae7493970d7c45626ccd96d4a74f5f1eea5a9 upstream. |
| |
| Info about new measurements are cached in the iint for performance. When |
| the inode is flushed from cache, the associated iint is flushed as well. |
| Subsequent access to the inode will cause the inode to be re-measured and |
| will attempt to add a duplicate entry to the measurement list. |
| |
| This patch frees the duplicate measurement memory, fixing a memory leak. |
| |
| Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> |
| Signed-off-by: Mimi Zohar <zohar@us.ibm.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| security/integrity/ima/ima_api.c | 4 ++-- |
| security/integrity/ima/ima_queue.c | 1 + |
| 2 files changed, 3 insertions(+), 2 deletions(-) |
| |
| --- a/security/integrity/ima/ima_api.c |
| +++ b/security/integrity/ima/ima_api.c |
| @@ -183,8 +183,8 @@ void ima_store_measurement(struct ima_ii |
| strncpy(entry->template.file_name, filename, IMA_EVENT_NAME_LEN_MAX); |
| |
| result = ima_store_template(entry, violation, inode); |
| - if (!result) |
| + if (!result || result == -EEXIST) |
| iint->flags |= IMA_MEASURED; |
| - else |
| + if (result < 0) |
| kfree(entry); |
| } |
| --- a/security/integrity/ima/ima_queue.c |
| +++ b/security/integrity/ima/ima_queue.c |
| @@ -113,6 +113,7 @@ int ima_add_template_entry(struct ima_te |
| memcpy(digest, entry->digest, sizeof digest); |
| if (ima_lookup_digest_entry(digest)) { |
| audit_cause = "hash_exists"; |
| + result = -EEXIST; |
| goto out; |
| } |
| } |
