summaryrefslogtreecommitdiff
path: root/certs
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2020-08-21 23:34:52 +0300
committerDavid S. Miller <davem@davemloft.net>2020-08-25 02:08:00 +0300
commitd3b990b7f327e2afa98006e7666fb8ada8ed8683 (patch)
tree3788a674b2f7c2bb3c744323b2393580c8ac15bb /certs
parent3106ecb43a05dc3e009779764b9da245a5d082de (diff)
downloadlinux-d3b990b7f327e2afa98006e7666fb8ada8ed8683.tar.xz
netlabel: fix problems with mapping removal
This patch fixes two main problems seen when removing NetLabel mappings: memory leaks and potentially extra audit noise. The memory leaks are caused by not properly free'ing the mapping's address selector struct when free'ing the entire entry as well as not properly cleaning up a temporary mapping entry when adding new address selectors to an existing entry. This patch fixes both these problems such that kmemleak reports no NetLabel associated leaks after running the SELinux test suite. The potentially extra audit noise was caused by the auditing code in netlbl_domhsh_remove_entry() being called regardless of the entry's validity. If another thread had already marked the entry as invalid, but not removed/free'd it from the list of mappings, then it was possible that an additional mapping removal audit record would be generated. This patch fixes this by returning early from the removal function when the entry was previously marked invalid. This change also had the side benefit of improving the code by decreasing the indentation level of large chunk of code by one (accounting for most of the diffstat). Fixes: 63c416887437 ("netlabel: Add network address selectors to the NetLabel/LSM domain mapping") Reported-by: Stephen Smalley <stephen.smalley.work@gmail.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'certs')
0 files changed, 0 insertions, 0 deletions