1 files changed, 20 insertions, 18 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 0c72c9c38956..3674a52e1cfb 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -243,32 +243,34 @@ static const struct file_operations ima_ascii_measurements_ops = {
 static ssize_t ima_write_policy(struct file *file, const char __user *buf,
                                size_t datalen, loff_t *ppos)
 {
-        char *data;
+        char *data = NULL;
-        int rc;
+        ssize_t result;
        if (datalen >= PAGE_SIZE)
-                return -ENOMEM;
+                datalen = PAGE_SIZE - 1;
-        if (*ppos != 0) {
-                /* No partial writes. */
+        /* No partial writes. */
-                return -EINVAL;
+        result = -EINVAL;
-        }
+        if (*ppos != 0)
+                goto out;
+        result = -ENOMEM;
        data = kmalloc(datalen + 1, GFP_KERNEL);
        if (!data)
-                return -ENOMEM;
+                goto out;
-        if (copy_from_user(data, buf, datalen)) {
-                kfree(data);
-                return -EFAULT;
-        }
        *(data + datalen) = '\0';
-        rc = ima_parse_add_rule(data);
-        if (rc < 0) {
-                datalen = -EINVAL;
-                valid_policy = 0;
-        }
+        result = -EFAULT;
+        if (copy_from_user(data, buf, datalen))
+                goto out;
+        result = ima_parse_add_rule(data);
+out:
+        if (result < 0)
+                valid_policy = 0;
        kfree(data);
-        return datalen;
+        return result;
 }
 static struct dentry *ima_dir;

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index 0c72c9c38956..3674a52e1cfb 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c
@@ -243,32 +243,34 @@ static const struct file_operations ima_ascii_measurements_ops = {
243	static ssize_t ima_write_policy(struct file file, const char __user buf,	243	static ssize_t ima_write_policy(struct file file, const char __user buf,
244	size_t datalen, loff_t *ppos)	244	size_t datalen, loff_t *ppos)
245	{	245	{
246	char *data;	246	char *data = NULL;
247	int rc;	247	ssize_t result;
248		248
249	if (datalen >= PAGE_SIZE)	249	if (datalen >= PAGE_SIZE)
250	return -ENOMEM;	250	datalen = PAGE_SIZE - 1;
251	if (*ppos != 0) {	251
252	/* No partial writes. */	252	/* No partial writes. */
253	return -EINVAL;	253	result = -EINVAL;
254	}	254	if (*ppos != 0)
		255	goto out;
		256
		257	result = -ENOMEM;
255	data = kmalloc(datalen + 1, GFP_KERNEL);	258	data = kmalloc(datalen + 1, GFP_KERNEL);
256	if (!data)	259	if (!data)
257	return -ENOMEM;	260	goto out;
258		261
259	if (copy_from_user(data, buf, datalen)) {
260	kfree(data);
261	return -EFAULT;
262	}
263	*(data + datalen) = '\0';	262	*(data + datalen) = '\0';
264	rc = ima_parse_add_rule(data);
265	if (rc < 0) {
266	datalen = -EINVAL;
267	valid_policy = 0;
268	}
269		263
		264	result = -EFAULT;
		265	if (copy_from_user(data, buf, datalen))
		266	goto out;
		267
		268	result = ima_parse_add_rule(data);
		269	out:
		270	if (result < 0)
		271	valid_policy = 0;
270	kfree(data);	272	kfree(data);
271	return datalen;	273	return result;
272	}	274	}
273		275
274	static struct dentry *ima_dir;	276	static struct dentry *ima_dir;