[2/3] LSM: SafeSetID: Stop releasing uninitialized ruleset

Message ID 20190925214354.1818-3-tyhicks@canonical.com
State New
Series LSM changes for Eoan

Commit Message

Tyler Hicks Sept. 25, 2019, 9:43 p.m. UTC
From: Micah Morton <mortonm@chromium.org>

BugLink: https://launchpad.net/bugs/1845391

The first time a rule set is configured for SafeSetID, we shouldn't be
trying to release the previously configured ruleset, since there isn't
one. Currently, the pointer that would point to a previously configured
ruleset is uninitialized on first rule set configuration, leading to a
crash when we try to call release_ruleset with that pointer.

Acked-by: Jann Horn <jannh@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>

(cherry picked from commit 21ab8580b383f27b7f59b84ac1699cb26d6c3d69)
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
---
 security/safesetid/securityfs.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

John Johansen Sept. 25, 2019, 10:25 p.m. UTC | #1
On 9/25/19 2:43 PM, Tyler Hicks wrote:
> From: Micah Morton <mortonm@chromium.org>
> 
> BugLink: https://launchpad.net/bugs/1845391
> 
> The first time a rule set is configured for SafeSetID, we shouldn't be
> trying to release the previously configured ruleset, since there isn't
> one. Currently, the pointer that would point to a previously configured
> ruleset is uninitialized on first rule set configuration, leading to a
> crash when we try to call release_ruleset with that pointer.
> 
> Acked-by: Jann Horn <jannh@google.com>
> Signed-off-by: Micah Morton <mortonm@chromium.org>
> 
> (cherry picked from commit 21ab8580b383f27b7f59b84ac1699cb26d6c3d69)
> Signed-off-by: Tyler Hicks <tyhicks@canonical.com>

Acked-by: John Johansen <john.johnansen@canonical.com>

> ---
>  security/safesetid/securityfs.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
> index d568e17dd773..74a13d432ed8 100644
> --- a/security/safesetid/securityfs.c
> +++ b/security/safesetid/securityfs.c
> @@ -187,7 +187,8 @@ static ssize_t handle_policy_update(struct file *file,
>  out_free_buf:
>  	kfree(buf);
>  out_free_pol:
> -	release_ruleset(pol);
> +	if (pol)
> +                release_ruleset(pol);
>  	return err;
>  }
>  
>
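
Review bot: The added `release_ruleset(pol);` line under `if (pol)` is indented with spaces, while the neighbouring lines (`kfree(buf);`, `return err;`) are indented with a tab. Use two tabs for the call so the whitespace matches the rest of the function and kernel coding style; checkpatch warns about leading spaces.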

Patch

diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index d568e17dd773..74a13d432ed8 100644
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -187,7 +187,8 @@  static ssize_t handle_policy_update(struct file *file,
 out_free_buf:
 	kfree(buf);
 out_free_pol:
-	release_ruleset(pol);
+	if (pol)
+                release_ruleset(pol);
 	return err;
 }
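
Review bot: At `out_free_pol:`, the new `if (pol)` guard only avoids the crash when `pol` is NULL on the first policy write, yet the commit message describes the pointer as "uninitialized"; a pointer holding an indeterminate value would pass this check and still reach `release_ruleset()`. The hunk does not show where `pol` gets its value on this path, so either the commit message should say NULL, or the patch should show that `pol` is guaranteed to be NULL when no previous ruleset exists. An alternative worth considering is making `release_ruleset()` itself tolerate NULL, as `kfree()` does, so every caller is covered.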