diff mbox

security: hooks : Prevent security to persist in memory (PR #31)

Message ID 20170423005311.GA29693@hackers.mu (mailing list archive)
State Rejected
Headers show

Commit Message

Pirabarlen-Cheenaramen April 23, 2017, 12:53 a.m. UTC
Signed-off-by: Pirabarlen-Cheenaramen <selven@hackers.mu>
---
 security/selinux/hooks.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Paul Moore April 25, 2017, 9:21 p.m. UTC | #1
On Sat, Apr 22, 2017 at 8:53 PM, Pirabarlen-Cheenaramen
<selven@hackers.mu> wrote:
> Signed-off-by: Pirabarlen-Cheenaramen <selven@hackers.mu>
> ---
>  security/selinux/hooks.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index d98550a..9f82908 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -4944,7 +4944,7 @@ static int selinux_tun_dev_alloc_security(void **security)
>
>  static void selinux_tun_dev_free_security(void *security)
>  {
> -       kfree(security);
> +       kzfree(security);

As a general rule we don't zero out memory before free'ing it, you
need to provide some additional information as to why this is required
here.

>  }
>
>  static int selinux_tun_dev_create(void)
> --
> 1.9.1
diff mbox

Patch

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index d98550a..9f82908 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4944,7 +4944,7 @@  static int selinux_tun_dev_alloc_security(void **security)
 
 static void selinux_tun_dev_free_security(void *security)
 {
-	kfree(security);
+	kzfree(security);
 }
 
 static int selinux_tun_dev_create(void)