Mimi Zohar
2011-May-04 19:18 UTC
[Ocfs2-devel] freeing memory allocated in security_inode_init_security()
Hi, Although it isn't documented in security.c, the LSM security_inode_init_security() hook allocates memory for xattr name and value, expecting the caller to release the memory afterwards. I'm making my way through the different filesystems adding a subsequent call to evm_inode_post_init_security(). I see the call to ocfs2_init_security_and_acl() calls ocfs2_init_security_get(), which in turn calls security_inode_init_security(), but am having a hard time finding where the name and value are subsequently freed. Would appreciate if someone could point it out. thanks, Mimi
Sunil Mushran
2011-May-04 20:09 UTC
[Ocfs2-devel] freeing memory allocated in security_inode_init_security()
On 05/04/2011 12:18 PM, Mimi Zohar wrote:> Although it isn't documented in security.c, the LSM > security_inode_init_security() hook allocates memory for xattr name and > value, expecting the caller to release the memory afterwards. > > I'm making my way through the different filesystems adding a subsequent > call to evm_inode_post_init_security(). I see the call to > ocfs2_init_security_and_acl() calls ocfs2_init_security_get(), which in > turn calls security_inode_init_security(), but am having a hard time > finding where the name and value are subsequently freed. Would > appreciate if someone could point it out.I think we have a leak in the reflink code path. mknod and symlink code paths free the name/value pair. Tiger, Please could you post a fix.