LSM: SafeSetID: Stop releasing uninitialized ruleset

The first time a rule set is configured for SafeSetID, we shouldn't be
trying to release the previously configured ruleset, since there isn't
one. Currently, the pointer that would point to a previously configured
ruleset is uninitialized on first rule set configuration, leading to a
crash when we try to call release_ruleset with that pointer.

Acked-by: Jann Horn <jannh@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>

diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index d568e17..74a13d4 100644 (file)
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -187,7 +187,8 @@ out_free_rule:
 out_free_buf:
        kfree(buf);
 out_free_pol:
-       release_ruleset(pol);
+       if (pol)
+                release_ruleset(pol);
        return err;
 }