[PATCH 68/97] netfilter: Fix memory leak introduced with lsm_context
Casey Schaufler
casey at schaufler-ca.com
Thu Feb 28 22:19:04 UTC 2019
Fix a memory leak introduced by the scaffolding around
the introduction of lsm_context structures.
Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
---
net/netfilter/nfnetlink_queue.c | 18 ++++++------------
1 file changed, 6 insertions(+), 12 deletions(-)
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 4a3d4b52caef..7a095b9d0a10 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -305,14 +305,13 @@ static int nfqnl_put_sk_uidgid(struct sk_buff *skb, struct sock *sk)
return -1;
}
-static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata)
+static void nfqnl_get_sk_secctx(struct sk_buff *skb, struct lsm_context *cp)
{
#if IS_ENABLED(CONFIG_NETWORK_SECMARK)
struct lsm_export le;
- struct lsm_context lc = { .context = NULL, .len = 0, };
if (!skb || !sk_fullsock(skb->sk))
- return 0;
+ return;
read_lock_bh(&skb->sk->sk_callback_lock);
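Review bot: The new void signature leaves `*cp` untouched on the `!skb || !sk_fullsock(skb->sk)` early return (and, in the next hunk, when `skb->secmark` is zero or CONFIG_NETWORK_SECMARK is disabled), while the later hunk that changes the caller's declaration to `struct lsm_context lc;` drops the only initialization, so the `if (lc.len)` test and the unconditional `security_release_secctx(&lc)` in the following hunks read an indeterminate `lc`. Either keep `struct lsm_context lc = { .context = NULL, .len = 0, };` in nfqnl_build_packet_message, or have this function clear its output before any return, e.g. `cp->context = NULL;` and `cp->len = 0;` placed before the `#if`. The body of nfqnl_get_sk_secctx continues in the next hunk.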
@@ -322,14 +321,10 @@ static u32 nfqnl_get_sk_secctx(struct sk_buff *skb, char **secdata)
le.flags = LSM_EXPORT_SELINUX | LSM_EXPORT_SMACK;
le.selinux = skb->secmark;
le.smack = skb->secmark;
- security_secid_to_secctx(&le, &lc);
- *secdata = lc.context;
+ security_secid_to_secctx(&le, cp);
}
read_unlock_bh(&skb->sk->sk_callback_lock);
- return lc.len;
-#else
- return 0;
#endif
}
@@ -406,7 +401,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
enum ip_conntrack_info uninitialized_var(ctinfo);
struct nfnl_ct_hook *nfnl_ct;
bool csum_verify;
- struct lsm_context lc = { .context = NULL, };
+ struct lsm_context lc;
size = nlmsg_total_size(sizeof(struct nfgenmsg))
+ nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
@@ -472,7 +467,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
}
if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) {
- lc.len = nfqnl_get_sk_secctx(entskb, &lc.context);
+ nfqnl_get_sk_secctx(entskb, &lc);
if (lc.len)
size += nla_total_size(lc.len);
}
@@ -635,8 +630,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
}
nlh->nlmsg_len = skb->len;
- if (lc.context)
- security_release_secctx(&lc);
+ security_release_secctx(&lc);
return skb;
nla_put_failure:
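Review bot: Removing the `if (lc.context)` guard makes `security_release_secctx(&lc)` run even when NFQA_CFG_F_SECCTX is clear and `lc` was never filled; that is only safe if security_release_secctx tolerates a NULL context, which the patch does not show — if it does not, keep `if (lc.context) security_release_secctx(&lc);`. nfqnl_build_packet_message starts and ends outside the hunk, so whether the `nla_put_failure` path also releases the context cannot be checked here.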
--
2.17.0