The args_p member is a simple string that is allocated by ima_rule_init(). Shallow copy it like other non-LSM references in ima_rule_entry structs. There are no longer any necessary error path cleanups to do in ima_lsm_copy_rule() so reference ownership from entry to nentry becomes easier. Signed-off-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx> --- security/integrity/ima/ima_policy.c | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c index e33347148aa9..e9c7d318fdd4 100644 --- a/security/integrity/ima/ima_policy.c +++ b/security/integrity/ima/ima_policy.c @@ -306,10 +306,8 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry) continue; nentry->lsm[i].type = entry->lsm[i].type; - nentry->lsm[i].args_p = kstrdup(entry->lsm[i].args_p, - GFP_KERNEL); - if (!nentry->lsm[i].args_p) - goto out_err; + nentry->lsm[i].args_p = entry->lsm[i].args_p; + entry->lsm[i].args_p = NULL; security_filter_rule_init(nentry->lsm[i].type, Audit_equal, @@ -325,13 +323,6 @@ static struct ima_rule_entry *ima_lsm_copy_rule(struct ima_rule_entry *entry) entry->keyrings = NULL; entry->template = NULL; return nentry; - -out_err: - nentry->fsname = NULL; - nentry->keyrings = NULL; - nentry->template = NULL; - ima_free_rule(nentry); - return NULL; } static int ima_lsm_update_rule(struct ima_rule_entry *entry) -- 2.25.1
