Changeset View
Changeset View
Standalone View
Standalone View
sys/security/mac_veriexec/veriexec_metadata.c
| Show First 20 Lines • Show All 132 Lines • ▼ Show 20 Lines | if (lp != NULL) { | ||||
| /* Next, look for the meta-data information for the file */ | /* Next, look for the meta-data information for the file */ | ||||
| LIST_FOREACH_SAFE(ip, &(lp->file_head), entries, tip) { | LIST_FOREACH_SAFE(ip, &(lp->file_head), entries, tip) { | ||||
| if (ip->fileid == fileid) { | if (ip->fileid == fileid) { | ||||
| if (ip->gen == gen) | if (ip->gen == gen) | ||||
| break; | break; | ||||
| /* we need to garbage collect */ | /* we need to garbage collect */ | ||||
| LIST_REMOVE(ip, entries); | LIST_REMOVE(ip, entries); | ||||
| if (ip->label) | |||||
| free(ip->label, M_VERIEXEC); | |||||
sebastien.bini_stormshield.eu: Why is this no longer freed? | |||||
Done Inline ActionsHmm that appears to be a merge botch or something, the free call is still there in our tree. This is an old patch that I need to revisit anyway given the delay since it was posted. sjg: Hmm that appears to be a merge botch or something, the free call is still there in our tree. | |||||
| free(ip, M_VERIEXEC); | free(ip, M_VERIEXEC); | ||||
| } | } | ||||
| } | } | ||||
| } | } | ||||
| /* Release the lock we obtained earlier */ | /* Release the lock we obtained earlier */ | ||||
| mtx_unlock(&ve_mutex); | mtx_unlock(&ve_mutex); | ||||
| ▲ Show 20 Lines • Show All 425 Lines • ▼ Show 20 Lines | #endif | ||||
| VERIEXEC_DEBUG(2, | VERIEXEC_DEBUG(2, | ||||
| ("fingerprint status error %d\n", error)); | ("fingerprint status error %d\n", error)); | ||||
| break; | break; | ||||
| } | } | ||||
| } | } | ||||
| mac_veriexec_set_fingerprint_status(vp, status); | mac_veriexec_set_fingerprint_status(vp, status); | ||||
| } | } | ||||
| return (error); | return (error); | ||||
| } | |||||
| /** | |||||
| * Return label if we have one | |||||
| * | |||||
| * @param fsid file system identifier to look for | |||||
| * @param fileid file to look for | |||||
| * @param gen generation of file | |||||
| * @param check_files look at non-executable files? | |||||
| * | |||||
| * @return A pointer to the label or @c NULL | |||||
| */ | |||||
| const char * | |||||
| mac_veriexec_metadata_get_file_label(dev_t fsid, long fileid, | |||||
| unsigned long gen, int check_files) | |||||
| { | |||||
| struct mac_veriexec_file_info *ip; | |||||
| ip = mac_veriexec_metadata_get_file_info(fsid, fileid, gen, | |||||
| NULL, check_files); | |||||
| if (ip && (ip->flags & VERIEXEC_LABEL)) { | |||||
| return ip->label; | |||||
| } | |||||
| return NULL; | |||||
| } | } | ||||
| /** | /** | ||||
| * Add a file and its fingerprint to the list of files attached | * Add a file and its fingerprint to the list of files attached | ||||
| * to the device @p fsid. | * to the device @p fsid. | ||||
| * | * | ||||
| * Only add the entry if it is not already on the list. | * Only add the entry if it is not already on the list. | ||||
| * | * | ||||
| ▲ Show 20 Lines • Show All 195 Lines • Show Last 20 Lines | |||||
Why is this no longer freed?