References: <20220613135953.135998-1-xiujianfeng@huawei.com>
In-Reply-To: <20220613135953.135998-1-xiujianfeng@huawei.com>
From: Ondrej Mosnacek
Date: Tue, 14 Jun 2022 14:57:29 +0200
Subject: Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel
To: Xiu Jianfeng
Cc: Paul Moore, Stephen Smalley, Eric Paris, Christian Göttsche, michalorzel.eng@gmail.com, Austin Kim, SElinux list, Linux kernel mailing list

On Mon, Jun 13, 2022 at 4:02 PM Xiu Jianfeng wrote:
> In this function, it directly returns the result of __security_read_policy
> without freeing the allocated memory in *data, cause memory leak issue,
> so free the memory if __security_read_policy failed.
>
> Signed-off-by: Xiu Jianfeng
> --- > security/selinux/ss/services.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c > index 69b2734311a6..fe5fcf571c56 100644 > --- a/security/selinux/ss/services.c > +++ b/security/selinux/ss/services.c > @@ -4048,6 +4048,7 @@ int security_read_policy(struct selinux_state *state, > int security_read_state_kernel(struct selinux_state *state, > void **data, size_t *len) > { > + int err; > struct selinux_policy *policy; > > policy = rcu_dereference_protected( 
> @@ -4060,5 +4061,11 @@ int security_read_state_kernel(struct selinux_state *state, > if (!*data) > return -ENOMEM; > > - return __security_read_policy(policy, *data, len); > + err = __security_read_policy(policy, *data, len); > + if (err) { > + vfree(*data); > + *data = NULL; > + *len = 0; > + } > + return err; > } > -- > 2.17.1 >

security_read_policy() defined a few lines above has the same pattern
(just with vmalloc_user() in place of vmalloc()). Would you like to
send another patch to fix that function as well?

--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
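
Review bot: in the second hunk, the new `if (err)` path frees `*data` and also zeroes `*len`, while the `return -ENOMEM` path kept as context just above it leaves `*len` untouched, so a caller sees two different failure states from the same function. Either reset `*len` on the allocation failure as well, or add a comment above `security_read_state_kernel()` stating that `*data` and `*len` are only meaningful when 0 is returned. The commit message also has no Fixes: tag naming the change that introduced the leak, which a fix like this would normally carry.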