summaryrefslogtreecommitdiffstats
path: root/security/integrity/ima/ima_api.c
diff options
context:
space:
mode:
authorRoberto Sassu <roberto.sassu@polito.it>2011-12-19 15:57:27 +0100
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-12-19 22:04:32 -0500
commit45fae7493970d7c45626ccd96d4a74f5f1eea5a9 (patch)
tree0c7bdd82bfcb4bd921a64abb441ca5c20c82a3df /security/integrity/ima/ima_api.c
parent114d6e9c103736487c967060d0a7aec9a7fce967 (diff)
ima: free duplicate measurement memory
Info about new measurements are cached in the iint for performance. When the inode is flushed from cache, the associated iint is flushed as well. Subsequent access to the inode will cause the inode to be re-measured and will attempt to add a duplicate entry to the measurement list. This patch frees the duplicate measurement memory, fixing a memory leak. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Cc: stable@vger.kernel.org
Diffstat (limited to 'security/integrity/ima/ima_api.c')
-rw-r--r--security/integrity/ima/ima_api.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 0d50df04ccc..88a2788b981 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -178,8 +178,8 @@ void ima_store_measurement(struct integrity_iint_cache *iint,
strncpy(entry->template.file_name, filename, IMA_EVENT_NAME_LEN_MAX);
result = ima_store_template(entry, violation, inode);
- if (!result)
+ if (!result || result == -EEXIST)
iint->flags |= IMA_MEASURED;
- else
+ if (result < 0)
kfree(entry);
}