aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorHarry Ciao <qingtao.cao@windriver.com>2011-04-07 02:12:57 -0400
committerEric Paris <eparis@redhat.com>2011-04-07 12:00:26 -0400
commit1214eac73f798bccabc6adb55e7b2d787527c13c (patch)
tree4b379622da0d56be88d7ea87af558ef719317c7d /security/selinux
parenteba71de2cb7c02c5ae4f2ad3656343da71bc4661 (diff)
Initialize policydb.process_class eariler.
Initialize policydb.process_class once all symtabs read from policy image, so that it could be used to setup the role_trans.tclass field when a lower version policy.X is loaded. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/policydb.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index a493eae24e0a..82373eb2dc97 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -2275,6 +2275,11 @@ int policydb_read(struct policydb *p, void *fp)
2275 p->symtab[i].nprim = nprim; 2275 p->symtab[i].nprim = nprim;
2276 } 2276 }
2277 2277
2278 rc = -EINVAL;
2279 p->process_class = string_to_security_class(p, "process");
2280 if (!p->process_class)
2281 goto bad;
2282
2278 rc = avtab_read(&p->te_avtab, fp, p); 2283 rc = avtab_read(&p->te_avtab, fp, p);
2279 if (rc) 2284 if (rc)
2280 goto bad; 2285 goto bad;
@@ -2359,11 +2364,6 @@ int policydb_read(struct policydb *p, void *fp)
2359 goto bad; 2364 goto bad;
2360 2365
2361 rc = -EINVAL; 2366 rc = -EINVAL;
2362 p->process_class = string_to_security_class(p, "process");
2363 if (!p->process_class)
2364 goto bad;
2365
2366 rc = -EINVAL;
2367 p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition"); 2367 p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition");
2368 p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition"); 2368 p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition");
2369 if (!p->process_trans_perms) 2369 if (!p->process_trans_perms)