evm: Fix possible memory leak in evm_calc_hmac_or_hash()

commit 0c4395fb2aa77341269ea619c5419ea48171883f upstream. Don't immediately return if the signature is portable and security.ima is not present. Just set error so that memory allocated is freed before returning from evm_calc_hmac_or_hash(). Fixes: 50b977481fce9 ("EVM: Add support for portable signature format") Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Cc: stable@vger.kernel.org Signed-off-by: Mimi Zohar <zohar@linux.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Roberto Sassu <roberto.sassu@huawei.com> 2020-04-14 11:01:31 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-06-20 11:24:19 +0300
commit: 4b9d238c8a534a0374a56c771c7791cb18f3fbed (patch)
tree: d642b9188415648ecc534d72a842a7eaf135e1cd /security
parent: 63125a4a45284122064495ac4a3336b17735b252 (diff)
download: linux-4b9d238c8a534a0374a56c771c7791cb18f3fbed.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index e034dc21421e..b0440cf34970 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -240,7 +240,7 @@ static int evm_calc_hmac_or_hash(struct dentry *dentry,
 
 	/* Portable EVM signatures must include an IMA hash */
 	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
-		return -EPERM;
+		error = -EPERM;
 out:
 	kfree(xattr_value);
 	kfree(desc);
author	Roberto Sassu <roberto.sassu@huawei.com>	2020-04-14 11:01:31 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-06-20 11:24:19 +0300
commit	4b9d238c8a534a0374a56c771c7791cb18f3fbed (patch)
tree	d642b9188415648ecc534d72a842a7eaf135e1cd /security
parent	63125a4a45284122064495ac4a3336b17735b252 (diff)
download	linux-4b9d238c8a534a0374a56c771c7791cb18f3fbed.tar.xz