ima: free duplicate measurement memory
authorRoberto Sassu <roberto.sassu@polito.it>
Mon, 19 Dec 2011 14:57:27 +0000 (15:57 +0100)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 20 Dec 2011 03:04:32 +0000 (22:04 -0500)
Information about new measurements is cached in the iint for performance.  When
the inode is flushed from cache, the associated iint is flushed as well.
Subsequent access to the inode will cause the inode to be re-measured and
will attempt to add a duplicate entry to the measurement list.

This patch frees the duplicate measurement memory, fixing a memory leak.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Cc: stable@vger.kernel.org
security/integrity/ima/ima_api.c
security/integrity/ima/ima_queue.c

index 0d50df04ccc469f6cab0e68323b7de9d915ca09e..88a2788b981d96ab543ac982c8935b09e56b26e3 100644 (file)
@@ -178,8 +178,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint,
        strncpy(entry->template.file_name, filename, IMA_EVENT_NAME_LEN_MAX);
 
        result = ima_store_template(entry, violation, inode);
-       if (!result)
+       if (!result || result == -EEXIST)
                iint->flags |= IMA_MEASURED;
-       else
+       if (result < 0)
                kfree(entry);
 }
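Review bot: The two consecutive `if` statements at the end of ima_store_measurement() both fire for -EEXIST, and nothing in the code says this is intended, so a later cleanup could fold them back into an `if`/`else` and reintroduce the leak. A comment above them would pin the ownership rule, e.g. `/* -EEXIST: digest already on the measurement list; mark the inode measured, but entry was not queued, so it is still ours to free */`. The fix also depends on ima_store_template() returning -EEXIST unchanged from ima_add_template_entry(), which is not visible in this hunk and is worth confirming. The function body begins outside the hunk.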
index 8e28f04a5e2e8282d2bdd940393fda3a889e77cc..e1a5062b1f6aaf3a9e4496c7a155fff739a76068 100644 (file)
@@ -114,6 +114,7 @@ int ima_add_template_entry(struct ima_template_entry *entry, int violation,
                memcpy(digest, entry->digest, sizeof digest);
                if (ima_lookup_digest_entry(digest)) {
                        audit_cause = "hash_exists";
+                       result = -EEXIST;
                        goto out;
                }
        }
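Review bot: Setting `result = -EEXIST` before `goto out` changes what every caller of ima_add_template_entry() sees for a duplicate digest, and what the `out:` path does with `result` is outside this hunk. If that path passes `result` to the audit record, the routine re-measurement described in the commit message would presumably now be logged as a failed operation rather than a successful one, which adds noise for anyone alerting on integrity audit failures; confirm and, if so, note it in the commit message. A short comment here would also help, e.g. `/* duplicate digest: entry is not queued, caller keeps ownership and must free it */`. The function starts and ends outside the hunk.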