linux/security/selinux/ss
Tetsuo Handa 8ed8146028 SELinux: Fix memory leak upon loading policy
Hello.

I got below leak with linux-3.10.0-54.0.1.el7.x86_64 .

[  681.903890] kmemleak: 5538 new suspected memory leaks (see /sys/kernel/debug/kmemleak)

Below is a patch, but I don't know whether we need special handing for undoing
ebitmap_set_bit() call.
----------
>>From fe97527a90fe95e2239dfbaa7558f0ed559c0992 Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Mon, 6 Jan 2014 16:30:21 +0900
Subject: [PATCH] SELinux: Fix memory leak upon loading policy

Commit 2463c26d "SELinux: put name based create rules in a hashtable" did not
check return value from hashtab_insert() in filename_trans_read(). It leaks
memory if hashtab_insert() returns error.

  unreferenced object 0xffff88005c9160d0 (size 8):
    comm "systemd", pid 1, jiffies 4294688674 (age 235.265s)
    hex dump (first 8 bytes):
      57 0b 00 00 6b 6b 6b a5                          W...kkk.
    backtrace:
      [<ffffffff816604ae>] kmemleak_alloc+0x4e/0xb0
      [<ffffffff811cba5e>] kmem_cache_alloc_trace+0x12e/0x360
      [<ffffffff812aec5d>] policydb_read+0xd1d/0xf70
      [<ffffffff812b345c>] security_load_policy+0x6c/0x500
      [<ffffffff812a623c>] sel_write_load+0xac/0x750
      [<ffffffff811eb680>] vfs_write+0xc0/0x1f0
      [<ffffffff811ec08c>] SyS_write+0x4c/0xa0
      [<ffffffff81690419>] system_call_fastpath+0x16/0x1b
      [<ffffffffffffffff>] 0xffffffffffffffff

However, we should not return EEXIST error to the caller, or the systemd will
show below message and the boot sequence freezes.

  systemd[1]: Failed to load SELinux policy. Freezing.

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Eric Paris <eparis@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paul Moore <pmoore@redhat.com>
2014-01-07 10:21:44 -05:00
..
avtab.c SELinux: allow userspace to read policy back out of the kernel 2010-10-21 10:12:58 +11:00
avtab.h SELinux: Use dentry name in new object labeling 2011-02-01 11:12:30 -05:00
conditional.c selinux: Casting (void *) value returned by kmalloc is useless 2011-12-19 11:23:56 +11:00
conditional.h selinux: sparse fix: fix several warnings in the security server code 2011-09-09 16:56:32 -07:00
constraint.h SELinux: Update policy version to support constraints info 2013-11-19 17:34:23 -05:00
context.h SELinux: allow default source/target selectors for user/role/range 2012-04-09 12:22:47 -04:00
ebitmap.c SELinux: Reduce overhead of mls_level_isvalid() function call 2013-07-25 13:02:18 -04:00
ebitmap.h SELinux: Increase ebitmap_node size for 64-bit configuration 2013-07-25 13:02:31 -04:00
hashtab.c selinux: Unify for- and while-loop style 2008-08-15 08:40:47 +10:00
hashtab.h SELinux: hashtab.h whitespace, syntax, and other cleanups 2008-04-28 09:29:04 +10:00
mls_types.h SELinux: Reduce overhead of mls_level_isvalid() function call 2013-07-25 13:02:18 -04:00
mls.c SELinux: Reduce overhead of mls_level_isvalid() function call 2013-07-25 13:02:18 -04:00
mls.h doc: Update the email address for Paul Moore in various source files 2011-08-01 17:58:33 -07:00
policydb.c SELinux: Fix memory leak upon loading policy 2014-01-07 10:21:44 -05:00
policydb.h SELinux: Update policy version to support constraints info 2013-11-19 17:34:23 -05:00
services.c selinux: revert 102aefdda4 2013-12-13 14:52:25 -05:00
services.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sidtab.c selinux: cache sidtab_context_to_sid results 2010-12-07 16:44:01 -05:00
sidtab.h selinux: cache sidtab_context_to_sid results 2010-12-07 16:44:01 -05:00
status.c selinux: fix up style problem on /selinux/status 2010-10-21 10:12:41 +11:00
symtab.c selinux: fix error codes in symtab_init() 2010-08-02 15:35:04 +10:00
symtab.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00