tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
veriexec
While looking at Sevan's recent PR, I notice a couple of problems with
the current code.
In sys/kern_veriexec.c routine veriexec_file_add(), at line 1072 we
allocate a vfe entry, and initialize the rw_lock contained therein.
Then there are some error branches at lines 1082 and 1090 that simply
"goto out" without ever destroying the rw_lock nor free()ing the vfe.
I suggest the following diffs to fix this problem:
Index: kern_veriexec.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_veriexec.c,v
retrieving revision 1.12
diff -u -p -r1.12 kern_veriexec.c
--- kern_veriexec.c 12 Apr 2017 10:30:02 -0000 1.12
+++ kern_veriexec.c 29 Aug 2017 02:17:58 -0000
@@ -1079,7 +1079,7 @@ veriexec_file_add(struct lwp *l, prop_di
log(LOG_ERR, "Veriexec: Invalid or unknown fingerprint type "
"`%s' for file `%s'.\n", fp_type, file);
error = EOPNOTSUPP;
- goto out;
+ goto free_out;
}
if (prop_data_size(prop_dictionary_get(dict, "fp")) !=
@@ -1087,7 +1087,7 @@ veriexec_file_add(struct lwp *l, prop_di
log(LOG_ERR, "Veriexec: Bad fingerprint length for `%s'.\n",
file);
error = EINVAL;
- goto out;
+ goto free_out;
}
vfe->fp = kmem_alloc(vfe->ops->hash_len, KM_SLEEP);
@@ -1158,6 +1158,10 @@ veriexec_file_add(struct lwp *l, prop_di
unlock_out:
rw_exit(&veriexec_op_lock);
+ free_out:
+ rw_destroy(&vfe->lock);
+ kmem_free(vfe, sizeof(*vfe));
+
out:
vrele(vp);
if (error)
Comments or other suggestions?
+------------------+--------------------------+----------------------------+
| Paul Goyette | PGP Key fingerprint: | E-mail addresses: |
| (Retired) | FA29 0E3B 35AF E8AE 6651 | paul at whooppee dot com |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd dot org |
+------------------+--------------------------+----------------------------+
Home |
Main Index |
Thread Index |
Old Index