4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: James Morris <james.mor...@microsoft.com>
commit a5795fd38ee8194451ba3f281f075301a3696ce2 upstream.
From: Casey Schaufler <ca...@schaufler-ca.com>
Check that the cred security blob has been set before trying
to clean it up. There is a case during credential initialization
that could result in this.
Signed-off-by: Casey Schaufler <ca...@schaufler-ca.com>
Acked-by: John Johansen <john.johan...@canonical.com>
Signed-off-by: James Morris <james.mor...@microsoft.com>
Reported-by: syzbot+69ca07954461f189e...@syzkaller.appspotmail.com
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
security/security.c | 7 +++++++
1 file changed, 7 insertions(+)
--- a/security/security.c
+++ b/security/security.c
@@ -861,6 +861,13 @@ int security_cred_alloc_blank(struct cre
void security_cred_free(struct cred *cred)
{
+ /*
+ * There is a failure case in prepare_creds() that
+ * may result in a call here with ->security being NULL.
+ */
+ if (unlikely(cred->security == NULL))
+ return;
+
call_void_hook(cred_free, cred);
}
