authorDan Carpenter <error27@gmail.com>2010-06-12 14:52:19 -0400
committerJames Morris <jmorris@namei.org>2010-08-02 01:35:02 -0400
commit9d623b17a740d5a85c12108cdc71c64fb15484fc (patch)
tree15434839a75f9c46c53a201520c6c859fad3c74b /security/selinux
parent5241c1074f6e2f2276d45d857eb5d19fbdc2e4b2 (diff)
selinux: fix error codes in cond_read_av_list()
After this patch cond_read_av_list() no longer returns -1 for any errors. It just propagates error code back from lower levels. Those can either be -EINVAL or -ENOMEM. I also modified cond_insertf() since cond_read_av_list() passes that as a function pointer to avtab_read_item(). It isn't used anywhere else. Signed-off-by: Dan Carpenter <error27@gmail.com> Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/conditional.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 775418aa0a8e..aac40c7ff28c 100644
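--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -263,7 +263,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 struct cond_av_list *other = data->other, *list, *cur;
 struct avtab_node *node_ptr;
 u8 found;
-
+int rc = -EINVAL;
 
 /*
 * For type rules we have to make certain there aren't any
@@ -313,12 +313,15 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
 if (!node_ptr) {
 printk(KERN_ERR "SELinux: could not insert rule.\n");
+rc = -ENOMEM;
 goto err;
 }
 
 list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);
-if (!list)
+if (!list) {
+rc = -ENOMEM;
 goto err;
+}
 
 list->node = node_ptr;
 if (!data->head)
@@ -331,7 +334,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 err:
 cond_av_list_destroy(data->head);
 data->head = NULL;
-return -1;
+return rc;
 }
 
 static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list **ret_list, struct cond_av_list *other)
@@ -345,8 +348,8 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
 
 len = 0;
 rc = next_entry(buf, fp, sizeof(u32));
-if (rc < 0)
-return -1;
+if (rc)
+return rc;
 
 len = le32_to_cpu(buf[0]);
 if (len == 0)
@@ -361,7 +364,6 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
 &data);
 if (rc)
 return rc;
-
 }
 
 *ret_list = data.head;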
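Review bot: In the last hunk, the `return rc` after `avtab_read_item()` leaves `cond_read_av_list()` without freeing `data.head` or storing it in `*ret_list`, so entries linked by earlier loop iterations appear to be unreachable on that path. `cond_insertf()` destroys the list itself at `err:`, but if `avtab_read_item()` can fail before it invokes the callback (its body is not shown here), a truncated or malformed policy image would leak the partial list. Consider `if (rc) { cond_av_list_destroy(data.head); return rc; }`, provided `cond_av_list_destroy()` tolerates a NULL head, which is not visible here. The loop header and the end of the function are outside the hunk.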