ima: Fix memory leakage in ima_store_template

Offering: HULK
hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6P3K4
CVE: NA

--------------------------------

There is a memory leakage in ima_store_template when ima_add_template_entry
returns a non-zero value and duplicated_entry was successfully
generated. Fix it by freeing duplicated_entry in that case.

Fixes: 31604143 ("ima: Add support for measurement with digest lists")
Signed-off-by: NGUO Zihua <guozihua@huawei.com>
Reviewed-by: Nyiyang <yiyang13@huawei.com>
Reviewed-by: NCai Xinchen <caixinchen1@huawei.com>
Reviewed-by: NWang Weiyang <wangweiyang2@huawei.com>
Reviewed-by: NXiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: NJialin Zhang <zhangjialin11@huawei.com>

security/integrity/ima/ima_api.c

@@ -133,7 +133,9 @@ int ima_store_template(struct ima_template_entry *entry,
 
 	entry->pcr = pcr;
 	result = ima_add_template_entry(entry, violation, op, inode, filename);
-	if (!result && duplicated_entry) {
+	if (result) {
+		kfree(duplicated_entry);
+	} else if (duplicated_entry) {
 		result = ima_add_template_entry(duplicated_entry, violation, op,
 						inode, filename);
 		if (result < 0)