git.baikalelectronics.ru Git - kernel.git/commit

author	Casey Schaufler <casey@schaufler-ca.com>
	Tue, 19 Sep 2017 16:39:08 +0000 (09:39 -0700)
committer	James Morris <james.l.morris@oracle.com>
	Wed, 4 Oct 2017 07:03:15 +0000 (18:03 +1100)
commit	4fb58b523795f56eb71f37fd21c1b6fdb7fb2e61
tree	826c33ecfc1a2bca8601e63c87384218baea890e	tree \| snapshot
parent	0529ce76e06bfcd2f4ad238cecb4e0ff6b0d397b	commit \| diff

lsm: fix smack_inode_removexattr and xattr_getsecurity memleak

security_inode_getsecurity() provides the text string value
of a security attribute. It does not provide a "secctx".
The code in xattr_getsecurity() that calls security_inode_getsecurity()
and then calls security_release_secctx() happened to work because
SElinux and Smack treat the attribute and the secctx the same way.
It fails for cap_inode_getsecurity(), because that module has no
secctx that ever needs releasing. It turns out that Smack is the
one that's doing things wrong by not allocating memory when instructed
to do so by the "alloc" parameter.

The fix is simple enough. Change the security_release_secctx() to
kfree() because it isn't a secctx being returned by
security_inode_getsecurity(). Change Smack to allocate the string when
told to do so.

Note: this also fixes memory leaks for LSMs which implement
inode_getsecurity but not release_secctx, such as capabilities.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reported-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Cc: stable@vger.kernel.org
Signed-off-by: James Morris <james.l.morris@oracle.com>

fs/xattr.c		diff \| blob \| history
security/smack/smack_lsm.c		diff \| blob \| history