[PATCH 1/2] LSM: Check for NULL cred-security on free

From: Casey Schaufler
Date: Fri Jan 11 2019 - 20:31:50 EST

Next message: Brian Masney: "Re: [PATCH v3 2/6] spmi: pmic-arb: convert to v2 irq interfaces to support hierarchical IRQ chips"
Previous message: Shawn Guo: "Re: linux-next: build failure after merge of the imx-mxs tree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Check that the cred security blob has been set before trying
to clean it up. There is a case during credential initialization
that could result in this.

Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
---
security/security.c | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/security/security.c b/security/security.c
index a618e22df5c6..7bffc86d4e87 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1477,6 +1477,13 @@ int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)

void security_cred_free(struct cred *cred)
{
+ /*
+ * There is a failure case in prepare_creds() that
+ * may result in a call here with ->security being NULL.
+ */
+ if (unlikely(cred->security == NULL))
+ return;
+
call_void_hook(cred_free, cred);

kfree(cred->security);
--
2.20.1

Next message: Brian Masney: "Re: [PATCH v3 2/6] spmi: pmic-arb: convert to v2 irq interfaces to support hierarchical IRQ chips"
Previous message: Shawn Guo: "Re: linux-next: build failure after merge of the imx-mxs tree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]