linux

Go to file

Tyler Hicks 2bdd737c56 ima: Free the entire rule if it fails to parse

Use ima_free_rule() to fix memory leaks of allocated ima_rule_entry
members, such as .fsname and .keyrings, when an error is encountered
during rule parsing.

Set the args_p pointer to NULL after freeing it in the error path of
ima_lsm_rule_init() so that it isn't freed twice.

This fixes a memory leak seen when loading an rule that contains an
additional piece of allocated memory, such as an fsname, followed by an
invalid conditional:

 # echo "measure fsname=tmpfs bad=cond" > /sys/kernel/security/ima/policy
 -bash: echo: write error: Invalid argument
 # echo scan > /sys/kernel/debug/kmemleak
 # cat /sys/kernel/debug/kmemleak
 unreferenced object 0xffff98e7e4ece6c0 (size 8):
   comm "bash", pid 672, jiffies 4294791843 (age 21.855s)
   hex dump (first 8 bytes):
     74 6d 70 66 73 00 6b a5                          tmpfs.k.
   backtrace:
     [<00000000abab7413>] kstrdup+0x2e/0x60
     [<00000000f11ede32>] ima_parse_add_rule+0x7d4/0x1020
     [<00000000f883dd7a>] ima_write_policy+0xab/0x1d0
     [<00000000b17cf753>] vfs_write+0xde/0x1d0
     [<00000000b8ddfdea>] ksys_write+0x68/0xe0
     [<00000000b8e21e87>] do_syscall_64+0x56/0xa0
     [<0000000089ea7b98>] entry_SYSCALL_64_after_hwframe+0x44/0xa9

Fixes: f1b08bbcbd ("ima: define a new policy condition based on the filesystem name")
Fixes: 2b60c0eced ("IMA: Read keyrings= option from the IMA policy")
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

2020-07-16 21:53:55 -04:00

arch

Merge tag 'kbuild-fixes-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2020-06-21 12:44:52 -07:00

block

Merge tag 'block-5.8-2020-06-19' of git://git.kernel.dk/linux-block

2020-06-19 13:11:26 -07:00

certs

.gitignore: add SPDX License Identifier

2020-03-25 11:50:48 +01:00

crypto

crypto: drbg - always try to free Jitter RNG instance

2020-06-15 17:38:54 +10:00

Documentation

Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux

2020-06-20 19:18:27 -07:00

drivers

Merge tag 'pinctrl-v5.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl

2020-06-21 13:04:57 -07:00

Merge tag 'trace-v5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

2020-06-20 13:17:47 -07:00

include

Merge tag 'powerpc-5.8-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

2020-06-21 10:02:53 -07:00

init

Merge tag 'kbuild-v5.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2020-06-13 13:29:16 -07:00

ipc

mmap locking API: use coccinelle to convert mmap_sem rwsem call sites

2020-06-09 09:39:14 -07:00

kernel

Merge tag 'trace-v5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

2020-06-20 13:17:47 -07:00

lib

Merge tag 'kbuild-fixes-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2020-06-21 12:44:52 -07:00

LICENSES

LICENSES: Rename other to deprecated

2019-05-03 06:34:32 -06:00

Merge tag 'powerpc-5.8-3' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux

2020-06-21 10:02:53 -07:00

net

Merge tag 'ceph-for-5.8-rc2' of git://github.com/ceph/ceph-client

2020-06-19 12:25:04 -07:00

samples

Merge tag 'kbuild-fixes-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2020-06-21 12:44:52 -07:00

scripts

Merge tag 'kbuild-fixes-v5.8' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2020-06-21 12:44:52 -07:00

security

ima: Free the entire rule if it fails to parse

2020-07-16 21:53:55 -04:00

sound

ASoC: SOF: Replace zero-length array with flexible-array

2020-06-15 23:08:32 -05:00

tools

Merge tag 'trace-v5.8-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

2020-06-20 13:17:47 -07:00

usr

bpfilter: match bit size of bpfilter_umh to that of the kernel

2020-05-17 18:52:01 +09:00

virt

Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm

2020-06-12 11:05:52 -07:00

.clang-format

block: add bio_for_each_bvec_all()

2020-05-25 11:25:24 +02:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

Opt out of scripts/get_maintainer.pl

2019-05-16 10:53:40 -07:00

.gitattributes

.gitattributes: use 'dts' diff driver for dts files

2019-12-04 19:44:11 -08:00

.gitignore

modpost: generate vmlinux.symvers and reuse it for the second modpost

2020-06-06 23:38:12 +09:00

.mailmap

Merge tag 'docs-5.8' of git://git.lwn.net/linux

2020-06-01 15:45:27 -07:00

COPYING

COPYING: state that all contributions really are covered by this file

2020-02-10 13:32:20 -08:00

CREDITS

mailmap: change email for Ricardo Ribalda

2020-05-25 18:59:59 -06:00

Kbuild

kbuild: rename hostprogs-y/always to hostprogs/always-y

2020-02-04 01:53:07 +09:00

Kconfig

kbuild: ensure full rebuild when the compiler is updated

2020-05-12 13:28:33 +09:00

MAINTAINERS

Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux

2020-06-20 19:18:27 -07:00

Makefile

Linux 5.8-rc2

2020-06-21 15:45:29 -07:00

README

Drop all 00-INDEX files from Documentation/

2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.

Languages

C 97.5%

Assembly 1%

Shell 0.6%

Python 0.3%

Makefile 0.3%