LSM: Check for NULL cred-security on free

From: Casey Schaufler <[email protected]>

Check that the cred security blob has been set before trying
to clean it up. There is a case during credential initialization
that could result in this.

Signed-off-by: Casey Schaufler <[email protected]>
Acked-by: John Johansen <[email protected]>
Signed-off-by: James Morris <[email protected]>
Reported-by: [email protected]

diff --git a/security/security.c b/security/security.c
index f1b8d2587639668a84cc3db1c73e71ee79f86134..55bc49027ba97c13c06b4c1076656cef349cee3c 100644 (file)
--- a/security/security.c
+++ b/security/security.c
@@ -1027,6 +1027,13 @@ int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
 
 void security_cred_free(struct cred *cred)
 {
+       /*
+        * There is a failure case in prepare_creds() that
+        * may result in a call here with ->security being NULL.
+        */
+       if (unlikely(cred->security == NULL))
+               return;
+
        call_void_hook(cred_free, cred);
 }