aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/hooks.c
diff options
context:
space:
mode:
authorAndreas Gruenbacher <agruenba@redhat.com>2016-11-10 16:18:29 -0500
committerPaul Moore <paul@paul-moore.com>2016-11-14 15:53:04 -0500
commit13457d073c29da92001f6ee809075eaa8757fb96 (patch)
tree31dedd978a6e088a8d4e14741c37063027ad4a7c /security/selinux/hooks.c
parentdb978da8fa1d0819b210c137d31a339149b88875 (diff)
selinux: Clean up initialization of isec->sclass
Now that isec->initialized == LABEL_INITIALIZED implies that isec->sclass is valid, skip such inodes immediately in inode_doinit_with_dentry. For the remaining inodes, initialize isec->sclass at the beginning of inode_doinit_with_dentry to simplify the code. Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/hooks.c')
-rw-r--r--security/selinux/hooks.c10
1 files changed, 4 insertions, 6 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 32beac817bf5..2a506861a772 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1390,12 +1390,15 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1390 int rc = 0; 1390 int rc = 0;
1391 1391
1392 if (isec->initialized == LABEL_INITIALIZED) 1392 if (isec->initialized == LABEL_INITIALIZED)
1393 goto out; 1393 return 0;
1394 1394
1395 mutex_lock(&isec->lock); 1395 mutex_lock(&isec->lock);
1396 if (isec->initialized == LABEL_INITIALIZED) 1396 if (isec->initialized == LABEL_INITIALIZED)
1397 goto out_unlock; 1397 goto out_unlock;
1398 1398
1399 if (isec->sclass == SECCLASS_FILE)
1400 isec->sclass = inode_mode_to_security_class(inode->i_mode);
1401
1399 sbsec = inode->i_sb->s_security; 1402 sbsec = inode->i_sb->s_security;
1400 if (!(sbsec->flags & SE_SBINITIALIZED)) { 1403 if (!(sbsec->flags & SE_SBINITIALIZED)) {
1401 /* Defer initialization until selinux_complete_init, 1404 /* Defer initialization until selinux_complete_init,
@@ -1513,7 +1516,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1513 isec->sid = sbsec->sid; 1516 isec->sid = sbsec->sid;
1514 1517
1515 /* Try to obtain a transition SID. */ 1518 /* Try to obtain a transition SID. */
1516 isec->sclass = inode_mode_to_security_class(inode->i_mode);
1517 rc = security_transition_sid(isec->task_sid, sbsec->sid, 1519 rc = security_transition_sid(isec->task_sid, sbsec->sid,
1518 isec->sclass, NULL, &sid); 1520 isec->sclass, NULL, &sid);
1519 if (rc) 1521 if (rc)
@@ -1549,7 +1551,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1549 */ 1551 */
1550 if (!dentry) 1552 if (!dentry)
1551 goto out_unlock; 1553 goto out_unlock;
1552 isec->sclass = inode_mode_to_security_class(inode->i_mode);
1553 rc = selinux_genfs_get_sid(dentry, isec->sclass, 1554 rc = selinux_genfs_get_sid(dentry, isec->sclass,
1554 sbsec->flags, &sid); 1555 sbsec->flags, &sid);
1555 dput(dentry); 1556 dput(dentry);
@@ -1564,9 +1565,6 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1564 1565
1565out_unlock: 1566out_unlock:
1566 mutex_unlock(&isec->lock); 1567 mutex_unlock(&isec->lock);
1567out:
1568 if (isec->sclass == SECCLASS_FILE)
1569 isec->sclass = inode_mode_to_security_class(inode->i_mode);
1570 return rc; 1568 return rc;
1571} 1569}
1572 1570
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-05 10:04:34 -0400