1 files changed, 20 insertions, 18 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 07cb9c338cc4..8fe736aabe71 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -244,32 +244,34 @@ static const struct file_operations ima_ascii_measurements_ops = {
 static ssize_t ima_write_policy(struct file *file, const char __user *buf,
                                size_t datalen, loff_t *ppos)
 {
-        char *data;
+        char *data = NULL;
-        int rc;
+        ssize_t result;
        if (datalen >= PAGE_SIZE)
-                return -ENOMEM;
+                datalen = PAGE_SIZE - 1;
-        if (*ppos != 0) {
-                /* No partial writes. */
+        /* No partial writes. */
-                return -EINVAL;
+        result = -EINVAL;
-        }
+        if (*ppos != 0)
+                goto out;
+        result = -ENOMEM;
        data = kmalloc(datalen + 1, GFP_KERNEL);
        if (!data)
-                return -ENOMEM;
+                goto out;
-        if (copy_from_user(data, buf, datalen)) {
-                kfree(data);
-                return -EFAULT;
-        }
        *(data + datalen) = '\0';
-        rc = ima_parse_add_rule(data);
-        if (rc < 0) {
-                datalen = -EINVAL;
-                valid_policy = 0;
-        }
+        result = -EFAULT;
+        if (copy_from_user(data, buf, datalen))
+                goto out;
+        result = ima_parse_add_rule(data);
+out:
+        if (result < 0)
+                valid_policy = 0;
        kfree(data);
-        return datalen;
+        return result;
 }
 static struct dentry *ima_dir;

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index 07cb9c338cc4..8fe736aabe71 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c
@@ -244,32 +244,34 @@ static const struct file_operations ima_ascii_measurements_ops = {
244	static ssize_t ima_write_policy(struct file file, const char __user buf,	244	static ssize_t ima_write_policy(struct file file, const char __user buf,
245	size_t datalen, loff_t *ppos)	245	size_t datalen, loff_t *ppos)
246	{	246	{
247	char *data;	247	char *data = NULL;
248	int rc;	248	ssize_t result;
249		249
250	if (datalen >= PAGE_SIZE)	250	if (datalen >= PAGE_SIZE)
251	return -ENOMEM;	251	datalen = PAGE_SIZE - 1;
252	if (*ppos != 0) {	252
253	/* No partial writes. */	253	/* No partial writes. */
254	return -EINVAL;	254	result = -EINVAL;
255	}	255	if (*ppos != 0)
		256	goto out;
		257
		258	result = -ENOMEM;
256	data = kmalloc(datalen + 1, GFP_KERNEL);	259	data = kmalloc(datalen + 1, GFP_KERNEL);
257	if (!data)	260	if (!data)
258	return -ENOMEM;	261	goto out;
259		262
260	if (copy_from_user(data, buf, datalen)) {
261	kfree(data);
262	return -EFAULT;
263	}
264	*(data + datalen) = '\0';	263	*(data + datalen) = '\0';
265	rc = ima_parse_add_rule(data);
266	if (rc < 0) {
267	datalen = -EINVAL;
268	valid_policy = 0;
269	}
270		264
		265	result = -EFAULT;
		266	if (copy_from_user(data, buf, datalen))
		267	goto out;
		268
		269	result = ima_parse_add_rule(data);
		270	out:
		271	if (result < 0)
		272	valid_policy = 0;
271	kfree(data);	273	kfree(data);
272	return datalen;	274	return result;
273	}	275	}
274		276
275	static struct dentry *ima_dir;	277	static struct dentry *ima_dir;