github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-04 20:46:48 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph

security/apparmor: use kfree_sensitive() in unpack_secmark()

Browse Source 
The unpack_secmark() function currently uses kfree() to release memory
allocated for secmark structures and their labels. However, if a failure
occurs after partially parsing secmark, sensitive data may remain in
memory, posing a security risk.

To mitigate this, replace kfree() with kfree_sensitive() for freeing
secmark structures and their labels, aligning with the approach used
in free_ruleset().

I am submitting this as an RFC to seek freedback on whether this change
is appropriate and aligns with the subsystem's expectations. If
confirmed to be helpful, I will send a formal patch.

Signed-off-by: Zilin Guan <zilin@seu.edu.cn>
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Zilin Guan 2025-04-18 04:52:50 +00:00 committed by John Johansen
parent 3e45553acb
commit 2b270e2f43
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/apparmor/policy_unpack.c
View File

@ -599,8 +599,8 @@ static bool unpack_secmark(struct aa_ext *e, struct aa_ruleset *rules)
fail:
if (rules->secmark) {
for (i = 0; i < size; i++)
kfree(rules->secmark[i].label);
kfree(rules->secmark);
kfree_sensitive(rules->secmark[i].label);
kfree_sensitive(rules->secmark);
rules->secmark_count = 0;
rules->secmark = NULL;
}