leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
f31e3386a4
linux/security/integrity/ima
History
Lakshmi Ramasubramanian f31e3386a4 ima: Free IMA measurement buffer after kexec syscall 
IMA allocates kernel virtual memory to carry forward the measurement
list, from the current kernel to the next kernel on kexec system call,
in ima_add_kexec_buffer() function.  This buffer is not freed before
completing the kexec system call resulting in memory leak.

Add ima_buffer field in "struct kimage" to store the virtual address
of the buffer allocated for the IMA measurement list.
Free the memory allocated for the IMA measurement list in
kimage_file_post_load_cleanup() function.

Signed-off-by: Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Suggested-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Thiago Jung Bauermann <bauerman@linux.ibm.com>
Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Fixes: 7b8589cc29 ("ima: on soft reboot, save the measurement list")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2021-02-10 15:49:38 -05:00
..
ima_api.c ima: Support additional conditionals in the KEXEC_CMDLINE hook function 2020-07-20 13:28:16 -04:00
ima_appraise.c ima: defer arch_ima_get_secureboot() call to IMA init time 2020-11-02 14:19:01 -05:00
ima_asymmetric_keys.c ima: Support additional conditionals in the KEXEC_CMDLINE hook function 2020-07-20 13:28:16 -04:00
ima_crypto.c ima: Don't modify file descriptor mode on the fly 2020-11-29 07:02:53 -05:00
ima_efi.c ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00
ima_fs.c fs/kernel_file_read: Add "offset" arg for partial reads 2020-10-05 13:37:04 +02:00
ima_init.c ima: Call ima_calc_boot_aggregate() in ima_eventdigest_init() 2020-06-03 17:20:43 -04:00
ima_kexec.c ima: Free IMA measurement buffer after kexec syscall 2021-02-10 15:49:38 -05:00
ima_main.c integrity-v5.11 2020-12-16 11:06:07 -08:00
ima_modsig.c ima: Move comprehensive rule validation checks out of the token parser 2020-07-20 13:28:15 -04:00
ima_mok.c Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs" 2019-07-10 18:43:43 -07:00
ima_policy.c ima: select ima-buf template for buffer measurement 2020-11-20 13:52:43 -05:00
ima_queue_keys.c ima: Support additional conditionals in the KEXEC_CMDLINE hook function 2020-07-20 13:28:16 -04:00
ima_queue.c ima: Remove semicolon at the end of ima_get_binary_runtime_size() 2020-09-15 13:47:41 -04:00
ima_template_lib.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
ima_template_lib.h Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
ima_template.c ima: select ima-buf template for buffer measurement 2020-11-20 13:52:43 -05:00
ima.h ima: select ima-buf template for buffer measurement 2020-11-20 13:52:43 -05:00
Kconfig Minor fixes for v5.9. 2020-08-11 14:30:36 -07:00
Makefile ima: generalize x86/EFI arch glue for other EFI architectures 2020-11-06 07:40:42 +01:00