Changeset View
Changeset View
Standalone View
Standalone View
sys/security/mac_veriexec/veriexec_metadata.c
Show First 20 Lines • Show All 132 Lines • ▼ Show 20 Lines | if (lp != NULL) { | ||||
/* Next, look for the meta-data information for the file */ | /* Next, look for the meta-data information for the file */ | ||||
LIST_FOREACH_SAFE(ip, &(lp->file_head), entries, tip) { | LIST_FOREACH_SAFE(ip, &(lp->file_head), entries, tip) { | ||||
if (ip->fileid == fileid) { | if (ip->fileid == fileid) { | ||||
if (ip->gen == gen) | if (ip->gen == gen) | ||||
break; | break; | ||||
/* we need to garbage collect */ | /* we need to garbage collect */ | ||||
LIST_REMOVE(ip, entries); | LIST_REMOVE(ip, entries); | ||||
if (ip->label) | |||||
free(ip->label, M_VERIEXEC); | |||||
sebastien.bini_stormshield.eu: Why is this no longer freed? | |||||
Done Inline ActionsHmm that appears to be a merge botch or something, the free call is still there in our tree. This is an old patch that I need to revisit anyway given the delay since it was posted. sjg: Hmm that appears to be a merge botch or something, the free call is still there in our tree. | |||||
free(ip, M_VERIEXEC); | free(ip, M_VERIEXEC); | ||||
} | } | ||||
} | } | ||||
} | } | ||||
/* Release the lock we obtained earlier */ | /* Release the lock we obtained earlier */ | ||||
mtx_unlock(&ve_mutex); | mtx_unlock(&ve_mutex); | ||||
▲ Show 20 Lines • Show All 425 Lines • ▼ Show 20 Lines | #endif | ||||
VERIEXEC_DEBUG(2, | VERIEXEC_DEBUG(2, | ||||
("fingerprint status error %d\n", error)); | ("fingerprint status error %d\n", error)); | ||||
break; | break; | ||||
} | } | ||||
} | } | ||||
mac_veriexec_set_fingerprint_status(vp, status); | mac_veriexec_set_fingerprint_status(vp, status); | ||||
} | } | ||||
return (error); | return (error); | ||||
} | |||||
/** | |||||
* Return label if we have one | |||||
* | |||||
* @param fsid file system identifier to look for | |||||
* @param fileid file to look for | |||||
* @param gen generation of file | |||||
* @param check_files look at non-executable files? | |||||
* | |||||
* @return A pointer to the label or @c NULL | |||||
*/ | |||||
const char * | |||||
mac_veriexec_metadata_get_file_label(dev_t fsid, long fileid, | |||||
unsigned long gen, int check_files) | |||||
{ | |||||
struct mac_veriexec_file_info *ip; | |||||
ip = mac_veriexec_metadata_get_file_info(fsid, fileid, gen, | |||||
NULL, check_files); | |||||
if (ip && (ip->flags & VERIEXEC_LABEL)) { | |||||
return ip->label; | |||||
} | |||||
return NULL; | |||||
} | } | ||||
/** | /** | ||||
* Add a file and its fingerprint to the list of files attached | * Add a file and its fingerprint to the list of files attached | ||||
* to the device @p fsid. | * to the device @p fsid. | ||||
* | * | ||||
* Only add the entry if it is not already on the list. | * Only add the entry if it is not already on the list. | ||||
* | * | ||||
▲ Show 20 Lines • Show All 195 Lines • Show Last 20 Lines |
Why is this no longer freed?