From: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Date: Thu, 4 Feb 2021 17:49:50 +0000 (-0800)
Subject: ima: Free IMA measurement buffer on error
X-Git-Tag: v4.19.178~145
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3911ee3ddf944dbf0cf2894ee701cad61b609697;p=thirdparty%2Fkernel%2Fstable.git

ima: Free IMA measurement buffer on error

[ Upstream commit 6d14c6517885fa68524238787420511b87d671df ]

IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function.  In error code paths this memory
is not freed resulting in memory leak.

Free the memory allocated for the IMA measurement list in
the error code paths in ima_add_kexec_buffer() function.

Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes: 7b8589cc29e7 ("ima: on soft reboot, save the measurement list")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/security/integrity/ima/ima_kexec.c b/security/integrity/ima/ima_kexec.c
index 16bd18747cfa0..9f8449dea5b69 100644
--- a/security/integrity/ima/ima_kexec.c
+++ b/security/integrity/ima/ima_kexec.c
@@ -124,6 +124,7 @@ void ima_add_kexec_buffer(struct kimage *image)
 	ret = kexec_add_buffer(&kbuf);
 	if (ret) {
 		pr_err("Error passing over kexec measurement buffer.\n");
+		vfree(kexec_buffer);
 		return;
 	}