ima: ima_write_policy() limit locking

There is no need to hold the ima_write_mutex for so long.  We only need it
around ima_parse_add_rule().

Changelog:
- The return path now takes into account failed kmalloc() call.

Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Petko Manolov <petkan@mip-labs.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 3caed6de610c19c21d0f597ce2ccfff3357562ba..f355231997b462d1d6acee7664cabe9c51fdc91e 100644 (file)
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -261,13 +261,8 @@ static const struct file_operations ima_ascii_measurements_ops = {
 static ssize_t ima_write_policy(struct file *file, const char __user *buf,
                                size_t datalen, loff_t *ppos)
 {
-       char *data = NULL;
+       char *data;
        ssize_t result;
-       int res;
-
-       res = mutex_lock_interruptible(&ima_write_mutex);
-       if (res)
-               return res;
 
        if (datalen >= PAGE_SIZE)
                datalen = PAGE_SIZE - 1;
@@ -286,14 +281,19 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf,
 
        result = -EFAULT;
        if (copy_from_user(data, buf, datalen))
-               goto out;
+               goto out_free;
 
+       result = mutex_lock_interruptible(&ima_write_mutex);
+       if (result < 0)
+               goto out_free;
        result = ima_parse_add_rule(data);
+       mutex_unlock(&ima_write_mutex);
+
+out_free:
+       kfree(data);
 out:
        if (result < 0)
                valid_policy = 0;
-       kfree(data);
-       mutex_unlock(&ima_write_mutex);
 
        return result;
 }