tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

security/apparmor: use kfree_sensitive() in unpack_secmark()

The unpack_secmark() function currently uses kfree() to release memory
allocated for secmark structures and their labels. However, if a failure
occurs after partially parsing secmark, sensitive data may remain in
memory, posing a security risk.

To mitigate this, replace kfree() with kfree_sensitive() for freeing
secmark structures and their labels, aligning with the approach used
in free_ruleset().

I am submitting this as an RFC to seek freedback on whether this change
is appropriate and aligns with the subsystem's expectations. If
confirmed to be helpful, I will send a formal patch.

Signed-off-by: Zilin Guan <zilin@seu.edu.cn>
Signed-off-by: John Johansen <john.johansen@canonical.com>

authored by

Zilin Guan and committed by
John Johansen 2b270e2f 3e45553a

+2 -2
+2 -2
security/apparmor/policy_unpack.c
··· 599 599 fail: 600 600 if (rules->secmark) { 601 601 for (i = 0; i < size; i++) 602 - kfree(rules->secmark[i].label); 603 - kfree(rules->secmark); 602 + kfree_sensitive(rules->secmark[i].label); 603 + kfree_sensitive(rules->secmark); 604 604 rules->secmark_count = 0; 605 605 rules->secmark = NULL; 606 606 }