[RFC PATCH] security/apparmor: use kfree_sensitive() in unpack_secmark()
Zilin Guan
zilin at seu.edu.cn
Fri Apr 25 03:09:51 UTC 2025
On Fri, Apr 18, 2025 at 04:52:50AM+0000, Zilin Guan wrote:
> To mitigate this, replace kfree() with kfree_sensitive() for freeing
> secmark structures and their labels, aligning with the approach used
> in free_ruleset().
To clarify, we propose using kfree_sensitive() for secmark structures and
their labels because they are already freed with kfree_sensitive() in
another error path, specifically in aa_free_profile() -> free_ruleset().
This change aligns both cleanup pathways, whether aborting early in
unpack_secmark() or cleaning up later via aa_free_profile() ->
free_ruleset(). It ensures that all secmark-related allocations are
scrubbed before deallocation, mitigating any potential security risks.
Best Regards,
Zilin Guan
More information about the Linux-security-module-archive
mailing list