mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-27 12:57:53 +00:00
apparmor: Fix memleak in alloc_ns()
[ Upstream commite9e6fa49db
] After changes in commita1bd627b46
("apparmor: share profile name on replacement"), the hname member of struct aa_policy is not valid slab object, but a subset of that, it can not be freed by kfree_sensitive(), use aa_policy_destroy() to fix it. Fixes:a1bd627b46
("apparmor: share profile name on replacement") Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
parent
2d54a27b2c
commit
0250cf8d37
1 changed files with 1 additions and 1 deletions
|
@ -134,7 +134,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
|
|||
return ns;
|
||||
|
||||
fail_unconfined:
|
||||
kfree_sensitive(ns->base.hname);
|
||||
aa_policy_destroy(&ns->base);
|
||||
fail_ns:
|
||||
kfree_sensitive(ns);
|
||||
return NULL;
|
||||
|
|
Loading…
Reference in a new issue