| Message ID | 20210729031644.47679-1-xiujianfeng@huawei.com (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | [-next,v2] selinux: correct the return value when loads initial sids | expand |
On Wed, Jul 28, 2021 at 11:15 PM Xiu Jianfeng <xiujianfeng@huawei.com> wrote: > > It should not return 0 when SID 0 is assigned to isids. > This patch fixes it. > > v2: remove the "out" label and return directly. > > Fixes: e3e0b582c321a ("selinux: remove unused initial SIDs and improve handling") > Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> > --- > security/selinux/ss/policydb.c | 10 ++++------ > 1 file changed, 4 insertions(+), 6 deletions(-) Thanks, this looks much better. I decided this is worth sending up to Linus as a fix for the 5.14-rcX series so I've merged it into selinux/stable-5.14 and I'll send it up to Linus later this week.
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index defc5ef35c66..0ae1b718194a 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -874,7 +874,7 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s) rc = sidtab_init(s); if (rc) { pr_err("SELinux: out of memory on SID table init\n"); - goto out; + return rc; } head = p->ocontexts[OCON_ISID]; @@ -885,7 +885,7 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s) if (sid == SECSID_NULL) { pr_err("SELinux: SID 0 was assigned a context.\n"); sidtab_destroy(s); - goto out; + return -EINVAL; } /* Ignore initial SIDs unused by this kernel. */ @@ -897,12 +897,10 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s) pr_err("SELinux: unable to load initial SID %s.\n", name); sidtab_destroy(s); - goto out; + return rc; } } - rc = 0; -out: - return rc; + return 0; } int policydb_class_isvalid(struct policydb *p, unsigned int class)
It should not return 0 when SID 0 is assigned to isids. This patch fixes it. v2: remove the "out" label and return directly. Fixes: e3e0b582c321a ("selinux: remove unused initial SIDs and improve handling") Signed-off-by: Xiu Jianfeng <xiujianfeng@huawei.com> --- security/selinux/ss/policydb.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-)