xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

selinux: fix potential memleak in selinux_add_opt()

Browse Source 
[ Upstream commit 2e08df3c7c4e4e74e3dd5104c100f0bf6288aaa8 ]

This patch try to fix potential memleak in error branch.

Fixes: ba64186233 ("selinux: new helper - selinux_add_opt()")
Signed-off-by: Bernard Zhao <bernard@vivo.com>
[PM: tweak the subject line, add Fixes tag]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Bernard Zhao
2021-12-10 04:03:58 -08:00
committed by Greg Kroah-Hartman
parent 3253cf0914
commit b2b1b490bd
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
security/selinux/hooks.c
View File

@@ -947,18 +947,22 @@ out:
static int selinux_add_opt(int token, const char *s, void **mnt_opts) static int selinux_add_opt(int token, const char *s, void **mnt_opts)
{ {
struct selinux_mnt_opts *opts = *mnt_opts; struct selinux_mnt_opts *opts = *mnt_opts;
bool is_alloc_opts = false;
if (token == Opt_seclabel) /* eaten and completely ignored */ if (token == Opt_seclabel) /* eaten and completely ignored */
return 0; return 0;
if (!s)
return -ENOMEM;
if (!opts) { if (!opts) {
opts = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL); opts = kzalloc(sizeof(struct selinux_mnt_opts), GFP_KERNEL);
if (!opts) if (!opts)
return -ENOMEM; return -ENOMEM;
*mnt_opts = opts; *mnt_opts = opts;
is_alloc_opts = true;
} }
if (!s)
return -ENOMEM;
switch (token) { switch (token) {
case Opt_context: case Opt_context:
if (opts->context || opts->defcontext) if (opts->context || opts->defcontext)
@@ -983,6 +987,10 @@ static int selinux_add_opt(int token, const char *s, void **mnt_opts)
} }
return 0; return 0;
Einval: Einval:
if (is_alloc_opts) {
kfree(opts);
*mnt_opts = NULL;
}
pr_warn(SEL_MOUNT_FAIL_MSG); pr_warn(SEL_MOUNT_FAIL_MSG);
return -EINVAL; return -EINVAL;
} }