From patchwork Fri Jun 19 14:33:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Greg Kroah-Hartman X-Patchwork-Id: 223738 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI, SIGNED_OFF_BY, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 58F12C433E0 for ; Fri, 19 Jun 2020 16:34:25 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 35988218AC for ; Fri, 19 Jun 2020 16:34:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1592584465; bh=dKI2bBLdOxhTvg24W0G8MlZlOLhMnxcDkqMRMjlOq/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=kK5+8JnKqBn/+ySeWUwfQVxq1ZMUKaFML7fpsTQs6BJTmvri7OXWTuNEzrj5n/8oC llTZNK2zee5hHRj0U4AjI3BOhxk/eUHPAscQF6sE2xnlHOQ7PVH4gfOi7Iy0wjElSN LxC0fBJndOgThOYg+FinI7F+9+MzUiLb+1G+SzrA= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2395162AbgFSQeV (ORCPT ); Fri, 19 Jun 2020 12:34:21 -0400 Received: from mail.kernel.org ([198.145.29.99]:44208 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389390AbgFSOu7 (ORCPT ); Fri, 19 Jun 2020 10:50:59 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id EC100206DB; Fri, 19 Jun 2020 14:50:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1592578259; bh=dKI2bBLdOxhTvg24W0G8MlZlOLhMnxcDkqMRMjlOq/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=xmIzDIeGNpiBrq9WDPudHo2QEkHlBPNowvbk9tV9fLsAEh9B/lmmAiS+5dMXiFlM+ ylcnCjVAGRPyMH+G0atcBpHhCnCHbgud1Q+iJkBIjwxvvqituxqJkALlHqojEvDADz l9xUpD7e9xiwVBGQ7qBrzSddH3IlUQqB2GtVVNh4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Roberto Sassu , Mimi Zohar Subject: [PATCH 4.14 144/190] evm: Fix possible memory leak in evm_calc_hmac_or_hash() Date: Fri, 19 Jun 2020 16:33:09 +0200 Message-Id: <20200619141640.884963419@linuxfoundation.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619141633.446429600@linuxfoundation.org> References: <20200619141633.446429600@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Roberto Sassu commit 0c4395fb2aa77341269ea619c5419ea48171883f upstream. Don't immediately return if the signature is portable and security.ima is not present. Just set error so that memory allocated is freed before returning from evm_calc_hmac_or_hash(). Fixes: 50b977481fce9 ("EVM: Add support for portable signature format") Signed-off-by: Roberto Sassu Cc: stable@vger.kernel.org Signed-off-by: Mimi Zohar Signed-off-by: Greg Kroah-Hartman --- security/integrity/evm/evm_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c @@ -240,7 +240,7 @@ static int evm_calc_hmac_or_hash(struct /* Portable EVM signatures must include an IMA hash */ if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present) - return -EPERM; + error = -EPERM; out: kfree(xattr_value); kfree(desc);