summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-09-23 11:39:56 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2019-09-23 11:39:56 -0700
commit1b5fb415442eb3ec946d48afe8c87b0f2fd42d7c (patch)
tree988a0e5d2edb8bcb36a8666de71caad3c6b875f0 /security
parent5825a95fe92566ada2292a65de030850b5cff1da (diff)
parent21ab8580b383f27b7f59b84ac1699cb26d6c3d69 (diff)
Merge tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux
Pull SafeSetID fix from Micah Morton: "Jann Horn sent some patches to fix some bugs in SafeSetID for 5.3. After he had done his testing there were a couple small code tweaks that went in and caused this bug. From what I can see SafeSetID is broken in 5.3 and crashes the kernel every time during initialization if you try to use it. I came across this bug when backporting Jann's changes for 5.3 to older kernels (4.14 and 4.19). I've tested on a Chrome OS device with those kernels and verified that this change fixes things. It doesn't seem super useful to have this bake in linux-next, since it is completely broken in 5.3 and nobody noticed" * tag 'safesetid-bugfix-5.4' of git://github.com/micah-morton/linux: LSM: SafeSetID: Stop releasing uninitialized ruleset
Diffstat (limited to 'security')
-rw-r--r--security/safesetid/securityfs.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index d568e17dd773..74a13d432ed8 100644
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -187,7 +187,8 @@ out_free_rule:
out_free_buf:
kfree(buf);
out_free_pol:
- release_ruleset(pol);
+ if (pol)
+ release_ruleset(pol);
return err;
}