diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-09-23 11:39:56 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-09-23 11:39:56 -0700 |
commit | 1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c (patch) | |
tree | 988a0e5d2edb8bcb36a8666de71caad3c6b875f0 /security | |
parent | 5825a95fe92566ada2292a65de030850b5cff1da (diff) | |
parent | 21ab8580b383f27b7f59b84ac1699cb26d6c3d69 (diff) | |
download | linux-stable-1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c.tar.gz linux-stable-1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c.tar.bz2 linux-stable-1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c.zip |
Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux
Pull SafeSetID fix from Micah Morton:
"Jann Horn sent some patches to fix some bugs in SafeSetID for 5.3.
After he had done his testing there were a couple small code tweaks
that went in and caused this bug.
From what I can see SafeSetID is broken in 5.3 and crashes the kernel
every time during initialization if you try to use it. I came across
this bug when backporting Jann's changes for 5.3 to older kernels
(4.14 and 4.19). I've tested on a Chrome OS device with those kernels
and verified that this change fixes things.
It doesn't seem super useful to have this bake in linux-next, since it
is completely broken in 5.3 and nobody noticed"
* tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux:
LSM: SafeSetID: Stop releasing uninitialized ruleset
Diffstat (limited to 'security')
-rw-r--r-- | security/safesetid/securityfs.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c index d568e17dd773..74a13d432ed8 100644 --- a/security/safesetid/securityfs.c +++ b/security/safesetid/securityfs.c @@ -187,7 +187,8 @@ out_free_rule: out_free_buf: kfree(buf); out_free_pol: - release_ruleset(pol); + if (pol) + release_ruleset(pol); return err; } |