Re: [PATCH 2/2] keys, trusted: seal with a policy

From: Jarkko Sakkinen
Date: Wed Nov 18 2015 - 02:03:53 EST


On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote:
> On Tue, 17 Nov 2015, Jarkko Sakkinen wrote:
>
> > }
> > break;
> > + case Opt_policydigest:
> > + if (!tpm2 ||
> > + strlen(args[0].from) != (2 * opt->digest_len))
> > + return -EINVAL;
> > + kfree(opt->policydigest);
> > + opt->policydigest = kzalloc(opt->digest_len,
> > + GFP_KERNEL);
>
> Is it correct to kfree opt->policydigest here before allocating it?

I think so. The same option might be encountered multiple times.

I don't have the check for nulliy because opt is kzalloc'd and
checkpatch.pl complained that

WARNING: kfree(NULL) is safe and this check is probably not required
#20: FILE: security/keys/trusted.c:829:
+ if (opt->policydigest)
+ kfree(opt->policydigest);

> > + if (!opt->policydigest)
> > + return -ENOMEM;
> > + res = hex2bin(opt->policydigest, args[0].from,
> > + opt->digest_len);
> > + if (res < 0)
> > + return -EINVAL;
>
> Do you need to kfree it here on error?

trusted_options_free() will kfree it.

> --
> James Morris
> <jmorris@xxxxxxxxx>

/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/