trusted keys: Fix a memory leak in trusted_update().

One failure path in security/keys/trusted.c::trusted_update() does
not free 'new_p' while the others do. This patch makes sure we also free
it in the remaining path (if datablob_parse() returns different from
Opt_update).

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 3066f56..83fc92e 100644 (file)
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -1032,6 +1032,7 @@ static int trusted_update(struct key *key, const void *data, size_t datalen)
        ret = datablob_parse(datablob, new_p, new_o);
        if (ret != Opt_update) {
                ret = -EINVAL;
+               kfree(new_p);
                goto out;
        }
        /* copy old key values, and reseal with new pcrs */