Smack: Fix memory leak in smack_inode_getsecctx

Fix memory leak in smack_inode_getsecctx The implementation of smack_inode_getsecctx() made incorrect assumptions about how Smack presents a security context. Smack does not need to allocate memory to support security contexts, so "releasing" a Smack context is a no-op. The code made an unnecessary copy and returned that as a context, which was never freed. The revised implementation returns the context correctly. Signed-off-by: Casey Schaufler <[email protected]> Reported-by: CHANDAN VN <[email protected]> Tested-by: CHANDAN VN <[email protected]>
bulletkid · Jun 5, 2018 · 0f8983c · 0f8983c
1 parent b3859ee
commit 0f8983c
Showing 1 changed file with 5 additions and 7 deletions.
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
@@ -1545,9 +1545,9 @@ static int smack_inode_listsecurity(struct inode *inode, char *buffer,
  */
 static void smack_inode_getsecid(struct inode *inode, u32 *secid)
 {
-	struct inode_smack *isp = inode->i_security;
+	struct smack_known *skp = smk_of_inode(inode);
 
-	*secid = isp->smk_inode->smk_secid;
+	*secid = skp->smk_secid;
 }
 
 /*
@@ -4538,12 +4538,10 @@ static int smack_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen)
 
 static int smack_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen)
 {
-	int len = 0;
-	len = smack_inode_getsecurity(inode, XATTR_SMACK_SUFFIX, ctx, true);
+	struct smack_known *skp = smk_of_inode(inode);
 
-	if (len < 0)
-		return len;
-	*ctxlen = len;
+	*ctx = skp->smk_known;
+	*ctxlen = strlen(skp->smk_known);
 	return 0;
 }