|
@@ -327,19 +327,22 @@ int selinux_xfrm_state_alloc_acquire(struct xfrm_state *x,
|
|
|
return rc;
|
|
return rc;
|
|
|
|
|
|
|
|
ctx = kmalloc(sizeof(*ctx) + str_len, GFP_ATOMIC);
|
|
ctx = kmalloc(sizeof(*ctx) + str_len, GFP_ATOMIC);
|
|
|
- if (!ctx)
|
|
|
|
|
- return -ENOMEM;
|
|
|
|
|
|
|
+ if (!ctx) {
|
|
|
|
|
+ rc = -ENOMEM;
|
|
|
|
|
+ goto out;
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
ctx->ctx_doi = XFRM_SC_DOI_LSM;
|
|
ctx->ctx_doi = XFRM_SC_DOI_LSM;
|
|
|
ctx->ctx_alg = XFRM_SC_ALG_SELINUX;
|
|
ctx->ctx_alg = XFRM_SC_ALG_SELINUX;
|
|
|
ctx->ctx_sid = secid;
|
|
ctx->ctx_sid = secid;
|
|
|
ctx->ctx_len = str_len;
|
|
ctx->ctx_len = str_len;
|
|
|
memcpy(ctx->ctx_str, ctx_str, str_len);
|
|
memcpy(ctx->ctx_str, ctx_str, str_len);
|
|
|
- kfree(ctx_str);
|
|
|
|
|
|
|
|
|
|
x->security = ctx;
|
|
x->security = ctx;
|
|
|
atomic_inc(&selinux_xfrm_refcount);
|
|
atomic_inc(&selinux_xfrm_refcount);
|
|
|
- return 0;
|
|
|
|
|
|
|
+out:
|
|
|
|
|
+ kfree(ctx_str);
|
|
|
|
|
+ return rc;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
/*
|
Geyslan G. Bem