From: Micah Morton <mortonm@xxxxxxxxxxxx> [ Upstream commit 21ab8580b383f27b7f59b84ac1699cb26d6c3d69 ] The first time a rule set is configured for SafeSetID, we shouldn't be trying to release the previously configured ruleset, since there isn't one. Currently, the pointer that would point to a previously configured ruleset is uninitialized on first rule set configuration, leading to a crash when we try to call release_ruleset with that pointer. Acked-by: Jann Horn <jannh@xxxxxxxxxx> Signed-off-by: Micah Morton <mortonm@xxxxxxxxxxxx> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx> --- security/safesetid/securityfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c index d568e17dd7739..74a13d432ed80 100644 --- a/security/safesetid/securityfs.c +++ b/security/safesetid/securityfs.c @@ -187,7 +187,8 @@ static ssize_t handle_policy_update(struct file *file, out_free_buf: kfree(buf); out_free_pol: - release_ruleset(pol); + if (pol) + release_ruleset(pol); return err; } -- 2.20.1
