aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2010-11-23 11:40:08 -0500
committerEric Paris <eparis@redhat.com>2010-11-30 17:28:56 -0500
commit9398c7f794078dc1768cc061b3da8cdd59f179a5 (patch)
tree16e665d3bf7160e2da67b236b27a6bf87a73d5e2 /security/selinux
parente8a7e48bb248a1196484d3f8afa53bded2b24e71 (diff)
SELinux: standardize return code handling in policydb.c
policydb.c has lots of different standards on how to handle return paths on error. For the most part transition to rc=errno if (failure) goto out; [...] out: cleanup() return rc; Instead of doing cleanup mid function, or having multiple returns or other options. This doesn't do that for every function, but most of the complex functions which have cleanup routines on error. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/policydb.c555
1 files changed, 268 insertions, 287 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 94f630d93a5c..6ad73e81da5c 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -148,32 +148,30 @@ static int roles_init(struct policydb *p)
148 int rc; 148 int rc;
149 struct role_datum *role; 149 struct role_datum *role;
150 150
151 rc = -ENOMEM;
151 role = kzalloc(sizeof(*role), GFP_KERNEL); 152 role = kzalloc(sizeof(*role), GFP_KERNEL);
152 if (!role) { 153 if (!role)
153 rc = -ENOMEM;
154 goto out; 154 goto out;
155 } 155
156 rc = -EINVAL;
156 role->value = ++p->p_roles.nprim; 157 role->value = ++p->p_roles.nprim;
157 if (role->value != OBJECT_R_VAL) { 158 if (role->value != OBJECT_R_VAL)
158 rc = -EINVAL; 159 goto out;
159 goto out_free_role; 160
160 } 161 rc = -ENOMEM;
161 key = kstrdup(OBJECT_R, GFP_KERNEL); 162 key = kstrdup(OBJECT_R, GFP_KERNEL);
162 if (!key) { 163 if (!key)
163 rc = -ENOMEM; 164 goto out;
164 goto out_free_role; 165
165 }
166 rc = hashtab_insert(p->p_roles.table, key, role); 166 rc = hashtab_insert(p->p_roles.table, key, role);
167 if (rc) 167 if (rc)
168 goto out_free_key; 168 goto out;
169out:
170 return rc;
171 169
172out_free_key: 170 return 0;
171out:
173 kfree(key); 172 kfree(key);
174out_free_role:
175 kfree(role); 173 kfree(role);
176 goto out; 174 return rc;
177} 175}
178 176
179static u32 rangetr_hash(struct hashtab *h, const void *k) 177static u32 rangetr_hash(struct hashtab *h, const void *k)
@@ -213,35 +211,33 @@ static int policydb_init(struct policydb *p)
213 for (i = 0; i < SYM_NUM; i++) { 211 for (i = 0; i < SYM_NUM; i++) {
214 rc = symtab_init(&p->symtab[i], symtab_sizes[i]); 212 rc = symtab_init(&p->symtab[i], symtab_sizes[i]);
215 if (rc) 213 if (rc)
216 goto out_free_symtab; 214 goto out;
217 } 215 }
218 216
219 rc = avtab_init(&p->te_avtab); 217 rc = avtab_init(&p->te_avtab);
220 if (rc) 218 if (rc)
221 goto out_free_symtab; 219 goto out;
222 220
223 rc = roles_init(p); 221 rc = roles_init(p);
224 if (rc) 222 if (rc)
225 goto out_free_symtab; 223 goto out;
226 224
227 rc = cond_policydb_init(p); 225 rc = cond_policydb_init(p);
228 if (rc) 226 if (rc)
229 goto out_free_symtab; 227 goto out;
230 228
231 p->range_tr = hashtab_create(rangetr_hash, rangetr_cmp, 256); 229 p->range_tr = hashtab_create(rangetr_hash, rangetr_cmp, 256);
232 if (!p->range_tr) 230 if (!p->range_tr)
233 goto out_free_symtab; 231 goto out;
234 232
235 ebitmap_init(&p->policycaps); 233 ebitmap_init(&p->policycaps);
236 ebitmap_init(&p->permissive_map); 234 ebitmap_init(&p->permissive_map);
237 235
236 return 0;
238out: 237out:
239 return rc;
240
241out_free_symtab:
242 for (i = 0; i < SYM_NUM; i++) 238 for (i = 0; i < SYM_NUM; i++)
243 hashtab_destroy(p->symtab[i].table); 239 hashtab_destroy(p->symtab[i].table);
244 goto out; 240 return rc;
245} 241}
246 242
247/* 243/*
@@ -391,30 +387,27 @@ static int policydb_index_classes(struct policydb *p)
391{ 387{
392 int rc; 388 int rc;
393 389
390 rc = -ENOMEM;
394 p->p_common_val_to_name = 391 p->p_common_val_to_name =
395 kmalloc(p->p_commons.nprim * sizeof(char *), GFP_KERNEL); 392 kmalloc(p->p_commons.nprim * sizeof(char *), GFP_KERNEL);
396 if (!p->p_common_val_to_name) { 393 if (!p->p_common_val_to_name)
397 rc = -ENOMEM;
398 goto out; 394 goto out;
399 }
400 395
401 rc = hashtab_map(p->p_commons.table, common_index, p); 396 rc = hashtab_map(p->p_commons.table, common_index, p);
402 if (rc) 397 if (rc)
403 goto out; 398 goto out;
404 399
400 rc = -ENOMEM;
405 p->class_val_to_struct = 401 p->class_val_to_struct =
406 kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)), GFP_KERNEL); 402 kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)), GFP_KERNEL);
407 if (!p->class_val_to_struct) { 403 if (!p->class_val_to_struct)
408 rc = -ENOMEM;
409 goto out; 404 goto out;
410 }
411 405
406 rc = -ENOMEM;
412 p->p_class_val_to_name = 407 p->p_class_val_to_name =
413 kmalloc(p->p_classes.nprim * sizeof(char *), GFP_KERNEL); 408 kmalloc(p->p_classes.nprim * sizeof(char *), GFP_KERNEL);
414 if (!p->p_class_val_to_name) { 409 if (!p->p_class_val_to_name)
415 rc = -ENOMEM;
416 goto out; 410 goto out;
417 }
418 411
419 rc = hashtab_map(p->p_classes.table, class_index, p); 412 rc = hashtab_map(p->p_classes.table, class_index, p);
420out: 413out:
@@ -460,7 +453,7 @@ static inline void rangetr_hash_eval(struct hashtab *h)
460 */ 453 */
461static int policydb_index_others(struct policydb *p) 454static int policydb_index_others(struct policydb *p)
462{ 455{
463 int i, rc = 0; 456 int i, rc;
464 457
465 printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools", 458 printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools",
466 p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim); 459 p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim);
@@ -477,47 +470,42 @@ static int policydb_index_others(struct policydb *p)
477 symtab_hash_eval(p->symtab); 470 symtab_hash_eval(p->symtab);
478#endif 471#endif
479 472
473 rc = -ENOMEM;
480 p->role_val_to_struct = 474 p->role_val_to_struct =
481 kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)), 475 kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
482 GFP_KERNEL); 476 GFP_KERNEL);
483 if (!p->role_val_to_struct) { 477 if (!p->role_val_to_struct)
484 rc = -ENOMEM;
485 goto out; 478 goto out;
486 }
487 479
480 rc = -ENOMEM;
488 p->user_val_to_struct = 481 p->user_val_to_struct =
489 kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)), 482 kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
490 GFP_KERNEL); 483 GFP_KERNEL);
491 if (!p->user_val_to_struct) { 484 if (!p->user_val_to_struct)
492 rc = -ENOMEM;
493 goto out; 485 goto out;
494 }
495 486
487 rc = -ENOMEM;
496 p->type_val_to_struct = 488 p->type_val_to_struct =
497 kmalloc(p->p_types.nprim * sizeof(*(p->type_val_to_struct)), 489 kmalloc(p->p_types.nprim * sizeof(*(p->type_val_to_struct)),
498 GFP_KERNEL); 490 GFP_KERNEL);
499 if (!p->type_val_to_struct) { 491 if (!p->type_val_to_struct)
500 rc = -ENOMEM;
501 goto out; 492 goto out;
502 }
503 493
504 if (cond_init_bool_indexes(p)) { 494 rc = -ENOMEM;
505 rc = -ENOMEM; 495 if (cond_init_bool_indexes(p))
506 goto out; 496 goto out;
507 }
508 497
509 for (i = SYM_ROLES; i < SYM_NUM; i++) { 498 for (i = SYM_ROLES; i < SYM_NUM; i++) {
499 rc = -ENOMEM;
510 p->sym_val_to_name[i] = 500 p->sym_val_to_name[i] =
511 kmalloc(p->symtab[i].nprim * sizeof(char *), GFP_KERNEL); 501 kmalloc(p->symtab[i].nprim * sizeof(char *), GFP_KERNEL);
512 if (!p->sym_val_to_name[i]) { 502 if (!p->sym_val_to_name[i])
513 rc = -ENOMEM;
514 goto out; 503 goto out;
515 }
516 rc = hashtab_map(p->symtab[i].table, index_f[i], p); 504 rc = hashtab_map(p->symtab[i].table, index_f[i], p);
517 if (rc) 505 if (rc)
518 goto out; 506 goto out;
519 } 507 }
520 508 rc = 0;
521out: 509out:
522 return rc; 510 return rc;
523} 511}
@@ -540,9 +528,11 @@ static int common_destroy(void *key, void *datum, void *p)
540 struct common_datum *comdatum; 528 struct common_datum *comdatum;
541 529
542 kfree(key); 530 kfree(key);
543 comdatum = datum; 531 if (datum) {
544 hashtab_map(comdatum->permissions.table, perm_destroy, NULL); 532 comdatum = datum;
545 hashtab_destroy(comdatum->permissions.table); 533 hashtab_map(comdatum->permissions.table, perm_destroy, NULL);
534 hashtab_destroy(comdatum->permissions.table);
535 }
546 kfree(datum); 536 kfree(datum);
547 return 0; 537 return 0;
548} 538}
@@ -554,38 +544,40 @@ static int cls_destroy(void *key, void *datum, void *p)
554 struct constraint_expr *e, *etmp; 544 struct constraint_expr *e, *etmp;
555 545
556 kfree(key); 546 kfree(key);
557 cladatum = datum; 547 if (datum) {
558 hashtab_map(cladatum->permissions.table, perm_destroy, NULL); 548 cladatum = datum;
559 hashtab_destroy(cladatum->permissions.table); 549 hashtab_map(cladatum->permissions.table, perm_destroy, NULL);
560 constraint = cladatum->constraints; 550 hashtab_destroy(cladatum->permissions.table);
561 while (constraint) { 551 constraint = cladatum->constraints;
562 e = constraint->expr; 552 while (constraint) {
563 while (e) { 553 e = constraint->expr;
564 ebitmap_destroy(&e->names); 554 while (e) {
565 etmp = e; 555 ebitmap_destroy(&e->names);
566 e = e->next; 556 etmp = e;
567 kfree(etmp); 557 e = e->next;
558 kfree(etmp);
559 }
560 ctemp = constraint;
561 constraint = constraint->next;
562 kfree(ctemp);
568 } 563 }
569 ctemp = constraint; 564
570 constraint = constraint->next; 565 constraint = cladatum->validatetrans;
571 kfree(ctemp); 566 while (constraint) {
572 } 567 e = constraint->expr;
573 568 while (e) {
574 constraint = cladatum->validatetrans; 569 ebitmap_destroy(&e->names);
575 while (constraint) { 570 etmp = e;
576 e = constraint->expr; 571 e = e->next;
577 while (e) { 572 kfree(etmp);
578 ebitmap_destroy(&e->names); 573 }
579 etmp = e; 574 ctemp = constraint;
580 e = e->next; 575 constraint = constraint->next;
581 kfree(etmp); 576 kfree(ctemp);
582 } 577 }
583 ctemp = constraint;
584 constraint = constraint->next;
585 kfree(ctemp);
586 }
587 578
588 kfree(cladatum->comkey); 579 kfree(cladatum->comkey);
580 }
589 kfree(datum); 581 kfree(datum);
590 return 0; 582 return 0;
591} 583}
@@ -595,9 +587,11 @@ static int role_destroy(void *key, void *datum, void *p)
595 struct role_datum *role; 587 struct role_datum *role;
596 588
597 kfree(key); 589 kfree(key);
598 role = datum; 590 if (datum) {
599 ebitmap_destroy(&role->dominates); 591 role = datum;
600 ebitmap_destroy(&role->types); 592 ebitmap_destroy(&role->dominates);
593 ebitmap_destroy(&role->types);
594 }
601 kfree(datum); 595 kfree(datum);
602 return 0; 596 return 0;
603} 597}
@@ -614,11 +608,13 @@ static int user_destroy(void *key, void *datum, void *p)
614 struct user_datum *usrdatum; 608 struct user_datum *usrdatum;
615 609
616 kfree(key); 610 kfree(key);
617 usrdatum = datum; 611 if (datum) {
618 ebitmap_destroy(&usrdatum->roles); 612 usrdatum = datum;
619 ebitmap_destroy(&usrdatum->range.level[0].cat); 613 ebitmap_destroy(&usrdatum->roles);
620 ebitmap_destroy(&usrdatum->range.level[1].cat); 614 ebitmap_destroy(&usrdatum->range.level[0].cat);
621 ebitmap_destroy(&usrdatum->dfltlevel.cat); 615 ebitmap_destroy(&usrdatum->range.level[1].cat);
616 ebitmap_destroy(&usrdatum->dfltlevel.cat);
617 }
622 kfree(datum); 618 kfree(datum);
623 return 0; 619 return 0;
624} 620}
@@ -628,9 +624,11 @@ static int sens_destroy(void *key, void *datum, void *p)
628 struct level_datum *levdatum; 624 struct level_datum *levdatum;
629 625
630 kfree(key); 626 kfree(key);
631 levdatum = datum; 627 if (datum) {
632 ebitmap_destroy(&levdatum->level->cat); 628 levdatum = datum;
633 kfree(levdatum->level); 629 ebitmap_destroy(&levdatum->level->cat);
630 kfree(levdatum->level);
631 }
634 kfree(datum); 632 kfree(datum);
635 return 0; 633 return 0;
636} 634}
@@ -785,19 +783,21 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s)
785 783
786 head = p->ocontexts[OCON_ISID]; 784 head = p->ocontexts[OCON_ISID];
787 for (c = head; c; c = c->next) { 785 for (c = head; c; c = c->next) {
786 rc = -EINVAL;
788 if (!c->context[0].user) { 787 if (!c->context[0].user) {
789 printk(KERN_ERR "SELinux: SID %s was never " 788 printk(KERN_ERR "SELinux: SID %s was never defined.\n",
790 "defined.\n", c->u.name); 789 c->u.name);
791 rc = -EINVAL;
792 goto out; 790 goto out;
793 } 791 }
794 if (sidtab_insert(s, c->sid[0], &c->context[0])) { 792
795 printk(KERN_ERR "SELinux: unable to load initial " 793 rc = sidtab_insert(s, c->sid[0], &c->context[0]);
796 "SID %s.\n", c->u.name); 794 if (rc) {
797 rc = -EINVAL; 795 printk(KERN_ERR "SELinux: unable to load initial SID %s.\n",
796 c->u.name);
798 goto out; 797 goto out;
799 } 798 }
800 } 799 }
800 rc = 0;
801out: 801out:
802 return rc; 802 return rc;
803} 803}
@@ -846,8 +846,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
846 * Role must be authorized for the type. 846 * Role must be authorized for the type.
847 */ 847 */
848 role = p->role_val_to_struct[c->role - 1]; 848 role = p->role_val_to_struct[c->role - 1];
849 if (!ebitmap_get_bit(&role->types, 849 if (!ebitmap_get_bit(&role->types, c->type - 1))
850 c->type - 1))
851 /* role may not be associated with type */ 850 /* role may not be associated with type */
852 return 0; 851 return 0;
853 852
@@ -858,8 +857,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
858 if (!usrdatum) 857 if (!usrdatum)
859 return 0; 858 return 0;
860 859
861 if (!ebitmap_get_bit(&usrdatum->roles, 860 if (!ebitmap_get_bit(&usrdatum->roles, c->role - 1))
862 c->role - 1))
863 /* user may not be associated with role */ 861 /* user may not be associated with role */
864 return 0; 862 return 0;
865 } 863 }
@@ -881,20 +879,22 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
881 int rc; 879 int rc;
882 880
883 rc = next_entry(buf, fp, sizeof(u32)); 881 rc = next_entry(buf, fp, sizeof(u32));
884 if (rc < 0) 882 if (rc)
885 goto out; 883 goto out;
886 884
885 rc = -EINVAL;
887 items = le32_to_cpu(buf[0]); 886 items = le32_to_cpu(buf[0]);
888 if (items > ARRAY_SIZE(buf)) { 887 if (items > ARRAY_SIZE(buf)) {
889 printk(KERN_ERR "SELinux: mls: range overflow\n"); 888 printk(KERN_ERR "SELinux: mls: range overflow\n");
890 rc = -EINVAL;
891 goto out; 889 goto out;
892 } 890 }
891
893 rc = next_entry(buf, fp, sizeof(u32) * items); 892 rc = next_entry(buf, fp, sizeof(u32) * items);
894 if (rc < 0) { 893 if (rc) {
895 printk(KERN_ERR "SELinux: mls: truncated range\n"); 894 printk(KERN_ERR "SELinux: mls: truncated range\n");
896 goto out; 895 goto out;
897 } 896 }
897
898 r->level[0].sens = le32_to_cpu(buf[0]); 898 r->level[0].sens = le32_to_cpu(buf[0]);
899 if (items > 1) 899 if (items > 1)
900 r->level[1].sens = le32_to_cpu(buf[1]); 900 r->level[1].sens = le32_to_cpu(buf[1]);
@@ -903,15 +903,13 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
903 903
904 rc = ebitmap_read(&r->level[0].cat, fp); 904 rc = ebitmap_read(&r->level[0].cat, fp);
905 if (rc) { 905 if (rc) {
906 printk(KERN_ERR "SELinux: mls: error reading low " 906 printk(KERN_ERR "SELinux: mls: error reading low categories\n");
907 "categories\n");
908 goto out; 907 goto out;
909 } 908 }
910 if (items > 1) { 909 if (items > 1) {
911 rc = ebitmap_read(&r->level[1].cat, fp); 910 rc = ebitmap_read(&r->level[1].cat, fp);
912 if (rc) { 911 if (rc) {
913 printk(KERN_ERR "SELinux: mls: error reading high " 912 printk(KERN_ERR "SELinux: mls: error reading high categories\n");
914 "categories\n");
915 goto bad_high; 913 goto bad_high;
916 } 914 }
917 } else { 915 } else {
@@ -922,12 +920,11 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
922 } 920 }
923 } 921 }
924 922
925 rc = 0; 923 return 0;
926out:
927 return rc;
928bad_high: 924bad_high:
929 ebitmap_destroy(&r->level[0].cat); 925 ebitmap_destroy(&r->level[0].cat);
930 goto out; 926out:
927 return rc;
931} 928}
932 929
933/* 930/*
@@ -942,7 +939,7 @@ static int context_read_and_validate(struct context *c,
942 int rc; 939 int rc;
943 940
944 rc = next_entry(buf, fp, sizeof buf); 941 rc = next_entry(buf, fp, sizeof buf);
945 if (rc < 0) { 942 if (rc) {
946 printk(KERN_ERR "SELinux: context truncated\n"); 943 printk(KERN_ERR "SELinux: context truncated\n");
947 goto out; 944 goto out;
948 } 945 }
@@ -950,19 +947,20 @@ static int context_read_and_validate(struct context *c,
950 c->role = le32_to_cpu(buf[1]); 947 c->role = le32_to_cpu(buf[1]);
951 c->type = le32_to_cpu(buf[2]); 948 c->type = le32_to_cpu(buf[2]);
952 if (p->policyvers >= POLICYDB_VERSION_MLS) { 949 if (p->policyvers >= POLICYDB_VERSION_MLS) {
953 if (mls_read_range_helper(&c->range, fp)) { 950 rc = mls_read_range_helper(&c->range, fp);
954 printk(KERN_ERR "SELinux: error reading MLS range of " 951 if (rc) {
955 "context\n"); 952 printk(KERN_ERR "SELinux: error reading MLS range of context\n");
956 rc = -EINVAL;
957 goto out; 953 goto out;
958 } 954 }
959 } 955 }
960 956
957 rc = -EINVAL;
961 if (!policydb_context_isvalid(p, c)) { 958 if (!policydb_context_isvalid(p, c)) {
962 printk(KERN_ERR "SELinux: invalid security context\n"); 959 printk(KERN_ERR "SELinux: invalid security context\n");
963 context_destroy(c); 960 context_destroy(c);
964 rc = -EINVAL; 961 goto out;
965 } 962 }
963 rc = 0;
966out: 964out:
967 return rc; 965 return rc;
968} 966}
@@ -981,37 +979,36 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp)
981 __le32 buf[2]; 979 __le32 buf[2];
982 u32 len; 980 u32 len;
983 981
982 rc = -ENOMEM;
984 perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL); 983 perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL);
985 if (!perdatum) { 984 if (!perdatum)
986 rc = -ENOMEM; 985 goto bad;
987 goto out;
988 }
989 986
990 rc = next_entry(buf, fp, sizeof buf); 987 rc = next_entry(buf, fp, sizeof buf);
991 if (rc < 0) 988 if (rc)
992 goto bad; 989 goto bad;
993 990
994 len = le32_to_cpu(buf[0]); 991 len = le32_to_cpu(buf[0]);
995 perdatum->value = le32_to_cpu(buf[1]); 992 perdatum->value = le32_to_cpu(buf[1]);
996 993
994 rc = -ENOMEM;
997 key = kmalloc(len + 1, GFP_KERNEL); 995 key = kmalloc(len + 1, GFP_KERNEL);
998 if (!key) { 996 if (!key)
999 rc = -ENOMEM;
1000 goto bad; 997 goto bad;
1001 } 998
1002 rc = next_entry(key, fp, len); 999 rc = next_entry(key, fp, len);
1003 if (rc < 0) 1000 if (rc)
1004 goto bad; 1001 goto bad;
1005 key[len] = '\0'; 1002 key[len] = '\0';
1006 1003
1007 rc = hashtab_insert(h, key, perdatum); 1004 rc = hashtab_insert(h, key, perdatum);
1008 if (rc) 1005 if (rc)
1009 goto bad; 1006 goto bad;
1010out: 1007
1011 return rc; 1008 return 0;
1012bad: 1009bad:
1013 perm_destroy(key, perdatum, NULL); 1010 perm_destroy(key, perdatum, NULL);
1014 goto out; 1011 return rc;
1015} 1012}
1016 1013
1017static int common_read(struct policydb *p, struct hashtab *h, void *fp) 1014static int common_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1022,14 +1019,13 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1022 u32 len, nel; 1019 u32 len, nel;
1023 int i, rc; 1020 int i, rc;
1024 1021
1022 rc = -ENOMEM;
1025 comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); 1023 comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL);
1026 if (!comdatum) { 1024 if (!comdatum)
1027 rc = -ENOMEM; 1025 goto bad;
1028 goto out;
1029 }
1030 1026
1031 rc = next_entry(buf, fp, sizeof buf); 1027 rc = next_entry(buf, fp, sizeof buf);
1032 if (rc < 0) 1028 if (rc)
1033 goto bad; 1029 goto bad;
1034 1030
1035 len = le32_to_cpu(buf[0]); 1031 len = le32_to_cpu(buf[0]);
@@ -1041,13 +1037,13 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1041 comdatum->permissions.nprim = le32_to_cpu(buf[2]); 1037 comdatum->permissions.nprim = le32_to_cpu(buf[2]);
1042 nel = le32_to_cpu(buf[3]); 1038 nel = le32_to_cpu(buf[3]);
1043 1039
1040 rc = -ENOMEM;
1044 key = kmalloc(len + 1, GFP_KERNEL); 1041 key = kmalloc(len + 1, GFP_KERNEL);
1045 if (!key) { 1042 if (!key)
1046 rc = -ENOMEM;
1047 goto bad; 1043 goto bad;
1048 } 1044
1049 rc = next_entry(key, fp, len); 1045 rc = next_entry(key, fp, len);
1050 if (rc < 0) 1046 if (rc)
1051 goto bad; 1047 goto bad;
1052 key[len] = '\0'; 1048 key[len] = '\0';
1053 1049
@@ -1060,11 +1056,10 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1060 rc = hashtab_insert(h, key, comdatum); 1056 rc = hashtab_insert(h, key, comdatum);
1061 if (rc) 1057 if (rc)
1062 goto bad; 1058 goto bad;
1063out: 1059 return 0;
1064 return rc;
1065bad: 1060bad:
1066 common_destroy(key, comdatum, NULL); 1061 common_destroy(key, comdatum, NULL);
1067 goto out; 1062 return rc;
1068} 1063}
1069 1064
1070static int read_cons_helper(struct constraint_node **nodep, int ncons, 1065static int read_cons_helper(struct constraint_node **nodep, int ncons,
@@ -1088,7 +1083,7 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1088 *nodep = c; 1083 *nodep = c;
1089 1084
1090 rc = next_entry(buf, fp, (sizeof(u32) * 2)); 1085 rc = next_entry(buf, fp, (sizeof(u32) * 2));
1091 if (rc < 0) 1086 if (rc)
1092 return rc; 1087 return rc;
1093 c->permissions = le32_to_cpu(buf[0]); 1088 c->permissions = le32_to_cpu(buf[0]);
1094 nexpr = le32_to_cpu(buf[1]); 1089 nexpr = le32_to_cpu(buf[1]);
@@ -1105,7 +1100,7 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1105 c->expr = e; 1100 c->expr = e;
1106 1101
1107 rc = next_entry(buf, fp, (sizeof(u32) * 3)); 1102 rc = next_entry(buf, fp, (sizeof(u32) * 3));
1108 if (rc < 0) 1103 if (rc)
1109 return rc; 1104 return rc;
1110 e->expr_type = le32_to_cpu(buf[0]); 1105 e->expr_type = le32_to_cpu(buf[0]);
1111 e->attr = le32_to_cpu(buf[1]); 1106 e->attr = le32_to_cpu(buf[1]);
@@ -1133,8 +1128,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1133 if (depth == (CEXPR_MAXDEPTH - 1)) 1128 if (depth == (CEXPR_MAXDEPTH - 1))
1134 return -EINVAL; 1129 return -EINVAL;
1135 depth++; 1130 depth++;
1136 if (ebitmap_read(&e->names, fp)) 1131 rc = ebitmap_read(&e->names, fp);
1137 return -EINVAL; 1132 if (rc)
1133 return rc;
1138 break; 1134 break;
1139 default: 1135 default:
1140 return -EINVAL; 1136 return -EINVAL;
@@ -1157,14 +1153,13 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1157 u32 len, len2, ncons, nel; 1153 u32 len, len2, ncons, nel;
1158 int i, rc; 1154 int i, rc;
1159 1155
1156 rc = -ENOMEM;
1160 cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); 1157 cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL);
1161 if (!cladatum) { 1158 if (!cladatum)
1162 rc = -ENOMEM; 1159 goto bad;
1163 goto out;
1164 }
1165 1160
1166 rc = next_entry(buf, fp, sizeof(u32)*6); 1161 rc = next_entry(buf, fp, sizeof(u32)*6);
1167 if (rc < 0) 1162 if (rc)
1168 goto bad; 1163 goto bad;
1169 1164
1170 len = le32_to_cpu(buf[0]); 1165 len = le32_to_cpu(buf[0]);
@@ -1179,33 +1174,30 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1179 1174
1180 ncons = le32_to_cpu(buf[5]); 1175 ncons = le32_to_cpu(buf[5]);
1181 1176
1177 rc = -ENOMEM;
1182 key = kmalloc(len + 1, GFP_KERNEL); 1178 key = kmalloc(len + 1, GFP_KERNEL);
1183 if (!key) { 1179 if (!key)
1184 rc = -ENOMEM;
1185 goto bad; 1180 goto bad;
1186 } 1181
1187 rc = next_entry(key, fp, len); 1182 rc = next_entry(key, fp, len);
1188 if (rc < 0) 1183 if (rc)
1189 goto bad; 1184 goto bad;
1190 key[len] = '\0'; 1185 key[len] = '\0';
1191 1186
1192 if (len2) { 1187 if (len2) {
1188 rc = -ENOMEM;
1193 cladatum->comkey = kmalloc(len2 + 1, GFP_KERNEL); 1189 cladatum->comkey = kmalloc(len2 + 1, GFP_KERNEL);
1194 if (!cladatum->comkey) { 1190 if (!cladatum->comkey)
1195 rc = -ENOMEM;
1196 goto bad; 1191 goto bad;
1197 }
1198 rc = next_entry(cladatum->comkey, fp, len2); 1192 rc = next_entry(cladatum->comkey, fp, len2);
1199 if (rc < 0) 1193 if (rc)
1200 goto bad; 1194 goto bad;
1201 cladatum->comkey[len2] = '\0'; 1195 cladatum->comkey[len2] = '\0';
1202 1196
1203 cladatum->comdatum = hashtab_search(p->p_commons.table, 1197 rc = -EINVAL;
1204 cladatum->comkey); 1198 cladatum->comdatum = hashtab_search(p->p_commons.table, cladatum->comkey);
1205 if (!cladatum->comdatum) { 1199 if (!cladatum->comdatum) {
1206 printk(KERN_ERR "SELinux: unknown common %s\n", 1200 printk(KERN_ERR "SELinux: unknown common %s\n", cladatum->comkey);
1207 cladatum->comkey);
1208 rc = -EINVAL;
1209 goto bad; 1201 goto bad;
1210 } 1202 }
1211 } 1203 }
@@ -1222,7 +1214,7 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1222 if (p->policyvers >= POLICYDB_VERSION_VALIDATETRANS) { 1214 if (p->policyvers >= POLICYDB_VERSION_VALIDATETRANS) {
1223 /* grab the validatetrans rules */ 1215 /* grab the validatetrans rules */
1224 rc = next_entry(buf, fp, sizeof(u32)); 1216 rc = next_entry(buf, fp, sizeof(u32));
1225 if (rc < 0) 1217 if (rc)
1226 goto bad; 1218 goto bad;
1227 ncons = le32_to_cpu(buf[0]); 1219 ncons = le32_to_cpu(buf[0]);
1228 rc = read_cons_helper(&cladatum->validatetrans, ncons, 1, fp); 1220 rc = read_cons_helper(&cladatum->validatetrans, ncons, 1, fp);
@@ -1234,12 +1226,10 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1234 if (rc) 1226 if (rc)
1235 goto bad; 1227 goto bad;
1236 1228
1237 rc = 0; 1229 return 0;
1238out:
1239 return rc;
1240bad: 1230bad:
1241 cls_destroy(key, cladatum, NULL); 1231 cls_destroy(key, cladatum, NULL);
1242 goto out; 1232 return rc;
1243} 1233}
1244 1234
1245static int role_read(struct policydb *p, struct hashtab *h, void *fp) 1235static int role_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1250,17 +1240,16 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1250 __le32 buf[3]; 1240 __le32 buf[3];
1251 u32 len; 1241 u32 len;
1252 1242
1243 rc = -ENOMEM;
1253 role = kzalloc(sizeof(*role), GFP_KERNEL); 1244 role = kzalloc(sizeof(*role), GFP_KERNEL);
1254 if (!role) { 1245 if (!role)
1255 rc = -ENOMEM; 1246 goto bad;
1256 goto out;
1257 }
1258 1247
1259 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1248 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1260 to_read = 3; 1249 to_read = 3;
1261 1250
1262 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1251 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1263 if (rc < 0) 1252 if (rc)
1264 goto bad; 1253 goto bad;
1265 1254
1266 len = le32_to_cpu(buf[0]); 1255 len = le32_to_cpu(buf[0]);
@@ -1268,13 +1257,13 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1268 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1257 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1269 role->bounds = le32_to_cpu(buf[2]); 1258 role->bounds = le32_to_cpu(buf[2]);
1270 1259
1260 rc = -ENOMEM;
1271 key = kmalloc(len + 1, GFP_KERNEL); 1261 key = kmalloc(len + 1, GFP_KERNEL);
1272 if (!key) { 1262 if (!key)
1273 rc = -ENOMEM;
1274 goto bad; 1263 goto bad;
1275 } 1264
1276 rc = next_entry(key, fp, len); 1265 rc = next_entry(key, fp, len);
1277 if (rc < 0) 1266 if (rc)
1278 goto bad; 1267 goto bad;
1279 key[len] = '\0'; 1268 key[len] = '\0';
1280 1269
@@ -1287,10 +1276,10 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1287 goto bad; 1276 goto bad;
1288 1277
1289 if (strcmp(key, OBJECT_R) == 0) { 1278 if (strcmp(key, OBJECT_R) == 0) {
1279 rc = -EINVAL;
1290 if (role->value != OBJECT_R_VAL) { 1280 if (role->value != OBJECT_R_VAL) {
1291 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n", 1281 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
1292 OBJECT_R, role->value); 1282 OBJECT_R, role->value);
1293 rc = -EINVAL;
1294 goto bad; 1283 goto bad;
1295 } 1284 }
1296 rc = 0; 1285 rc = 0;
@@ -1300,11 +1289,10 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1300 rc = hashtab_insert(h, key, role); 1289 rc = hashtab_insert(h, key, role);
1301 if (rc) 1290 if (rc)
1302 goto bad; 1291 goto bad;
1303out: 1292 return 0;
1304 return rc;
1305bad: 1293bad:
1306 role_destroy(key, role, NULL); 1294 role_destroy(key, role, NULL);
1307 goto out; 1295 return rc;
1308} 1296}
1309 1297
1310static int type_read(struct policydb *p, struct hashtab *h, void *fp) 1298static int type_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1315,17 +1303,16 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp)
1315 __le32 buf[4]; 1303 __le32 buf[4];
1316 u32 len; 1304 u32 len;
1317 1305
1306 rc = -ENOMEM;
1318 typdatum = kzalloc(sizeof(*typdatum), GFP_KERNEL); 1307 typdatum = kzalloc(sizeof(*typdatum), GFP_KERNEL);
1319 if (!typdatum) { 1308 if (!typdatum)
1320 rc = -ENOMEM; 1309 goto bad;
1321 return rc;
1322 }
1323 1310
1324 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1311 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1325 to_read = 4; 1312 to_read = 4;
1326 1313
1327 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1314 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1328 if (rc < 0) 1315 if (rc)
1329 goto bad; 1316 goto bad;
1330 1317
1331 len = le32_to_cpu(buf[0]); 1318 len = le32_to_cpu(buf[0]);
@@ -1343,24 +1330,22 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp)
1343 typdatum->primary = le32_to_cpu(buf[2]); 1330 typdatum->primary = le32_to_cpu(buf[2]);
1344 } 1331 }
1345 1332
1333 rc = -ENOMEM;
1346 key = kmalloc(len + 1, GFP_KERNEL); 1334 key = kmalloc(len + 1, GFP_KERNEL);
1347 if (!key) { 1335 if (!key)
1348 rc = -ENOMEM;
1349 goto bad; 1336 goto bad;
1350 }
1351 rc = next_entry(key, fp, len); 1337 rc = next_entry(key, fp, len);
1352 if (rc < 0) 1338 if (rc)
1353 goto bad; 1339 goto bad;
1354 key[len] = '\0'; 1340 key[len] = '\0';
1355 1341
1356 rc = hashtab_insert(h, key, typdatum); 1342 rc = hashtab_insert(h, key, typdatum);
1357 if (rc) 1343 if (rc)
1358 goto bad; 1344 goto bad;
1359out: 1345 return 0;
1360 return rc;
1361bad: 1346bad:
1362 type_destroy(key, typdatum, NULL); 1347 type_destroy(key, typdatum, NULL);
1363 goto out; 1348 return rc;
1364} 1349}
1365 1350
1366 1351
@@ -1376,22 +1361,18 @@ static int mls_read_level(struct mls_level *lp, void *fp)
1376 memset(lp, 0, sizeof(*lp)); 1361 memset(lp, 0, sizeof(*lp));
1377 1362
1378 rc = next_entry(buf, fp, sizeof buf); 1363 rc = next_entry(buf, fp, sizeof buf);
1379 if (rc < 0) { 1364 if (rc) {
1380 printk(KERN_ERR "SELinux: mls: truncated level\n"); 1365 printk(KERN_ERR "SELinux: mls: truncated level\n");
1381 goto bad; 1366 return rc;
1382 } 1367 }
1383 lp->sens = le32_to_cpu(buf[0]); 1368 lp->sens = le32_to_cpu(buf[0]);
1384 1369
1385 if (ebitmap_read(&lp->cat, fp)) { 1370 rc = ebitmap_read(&lp->cat, fp);
1386 printk(KERN_ERR "SELinux: mls: error reading level " 1371 if (rc) {
1387 "categories\n"); 1372 printk(KERN_ERR "SELinux: mls: error reading level categories\n");
1388 goto bad; 1373 return rc;
1389 } 1374 }
1390
1391 return 0; 1375 return 0;
1392
1393bad:
1394 return -EINVAL;
1395} 1376}
1396 1377
1397static int user_read(struct policydb *p, struct hashtab *h, void *fp) 1378static int user_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1402,17 +1383,16 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1402 __le32 buf[3]; 1383 __le32 buf[3];
1403 u32 len; 1384 u32 len;
1404 1385
1386 rc = -ENOMEM;
1405 usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL); 1387 usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL);
1406 if (!usrdatum) { 1388 if (!usrdatum)
1407 rc = -ENOMEM; 1389 goto bad;
1408 goto out;
1409 }
1410 1390
1411 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1391 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1412 to_read = 3; 1392 to_read = 3;
1413 1393
1414 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1394 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1415 if (rc < 0) 1395 if (rc)
1416 goto bad; 1396 goto bad;
1417 1397
1418 len = le32_to_cpu(buf[0]); 1398 len = le32_to_cpu(buf[0]);
@@ -1420,13 +1400,12 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1420 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1400 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1421 usrdatum->bounds = le32_to_cpu(buf[2]); 1401 usrdatum->bounds = le32_to_cpu(buf[2]);
1422 1402
1403 rc = -ENOMEM;
1423 key = kmalloc(len + 1, GFP_KERNEL); 1404 key = kmalloc(len + 1, GFP_KERNEL);
1424 if (!key) { 1405 if (!key)
1425 rc = -ENOMEM;
1426 goto bad; 1406 goto bad;
1427 }
1428 rc = next_entry(key, fp, len); 1407 rc = next_entry(key, fp, len);
1429 if (rc < 0) 1408 if (rc)
1430 goto bad; 1409 goto bad;
1431 key[len] = '\0'; 1410 key[len] = '\0';
1432 1411
@@ -1446,11 +1425,10 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1446 rc = hashtab_insert(h, key, usrdatum); 1425 rc = hashtab_insert(h, key, usrdatum);
1447 if (rc) 1426 if (rc)
1448 goto bad; 1427 goto bad;
1449out: 1428 return 0;
1450 return rc;
1451bad: 1429bad:
1452 user_destroy(key, usrdatum, NULL); 1430 user_destroy(key, usrdatum, NULL);
1453 goto out; 1431 return rc;
1454} 1432}
1455 1433
1456static int sens_read(struct policydb *p, struct hashtab *h, void *fp) 1434static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1461,47 +1439,43 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
1461 __le32 buf[2]; 1439 __le32 buf[2];
1462 u32 len; 1440 u32 len;
1463 1441
1442 rc = -ENOMEM;
1464 levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); 1443 levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
1465 if (!levdatum) { 1444 if (!levdatum)
1466 rc = -ENOMEM; 1445 goto bad;
1467 goto out;
1468 }
1469 1446
1470 rc = next_entry(buf, fp, sizeof buf); 1447 rc = next_entry(buf, fp, sizeof buf);
1471 if (rc < 0) 1448 if (rc)
1472 goto bad; 1449 goto bad;
1473 1450
1474 len = le32_to_cpu(buf[0]); 1451 len = le32_to_cpu(buf[0]);
1475 levdatum->isalias = le32_to_cpu(buf[1]); 1452 levdatum->isalias = le32_to_cpu(buf[1]);
1476 1453
1454 rc = -ENOMEM;
1477 key = kmalloc(len + 1, GFP_ATOMIC); 1455 key = kmalloc(len + 1, GFP_ATOMIC);
1478 if (!key) { 1456 if (!key)
1479 rc = -ENOMEM;
1480 goto bad; 1457 goto bad;
1481 }
1482 rc = next_entry(key, fp, len); 1458 rc = next_entry(key, fp, len);
1483 if (rc < 0) 1459 if (rc)
1484 goto bad; 1460 goto bad;
1485 key[len] = '\0'; 1461 key[len] = '\0';
1486 1462
1463 rc = -ENOMEM;
1487 levdatum->level = kmalloc(sizeof(struct mls_level), GFP_ATOMIC); 1464 levdatum->level = kmalloc(sizeof(struct mls_level), GFP_ATOMIC);
1488 if (!levdatum->level) { 1465 if (!levdatum->level)
1489 rc = -ENOMEM;
1490 goto bad; 1466 goto bad;
1491 } 1467
1492 if (mls_read_level(levdatum->level, fp)) { 1468 rc = mls_read_level(levdatum->level, fp);
1493 rc = -EINVAL; 1469 if (rc)
1494 goto bad; 1470 goto bad;
1495 }
1496 1471
1497 rc = hashtab_insert(h, key, levdatum); 1472 rc = hashtab_insert(h, key, levdatum);
1498 if (rc) 1473 if (rc)
1499 goto bad; 1474 goto bad;
1500out: 1475 return 0;
1501 return rc;
1502bad: 1476bad:
1503 sens_destroy(key, levdatum, NULL); 1477 sens_destroy(key, levdatum, NULL);
1504 goto out; 1478 return rc;
1505} 1479}
1506 1480
1507static int cat_read(struct policydb *p, struct hashtab *h, void *fp) 1481static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1512,39 +1486,35 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
1512 __le32 buf[3]; 1486 __le32 buf[3];
1513 u32 len; 1487 u32 len;
1514 1488
1489 rc = -ENOMEM;
1515 catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); 1490 catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
1516 if (!catdatum) { 1491 if (!catdatum)
1517 rc = -ENOMEM; 1492 goto bad;
1518 goto out;
1519 }
1520 1493
1521 rc = next_entry(buf, fp, sizeof buf); 1494 rc = next_entry(buf, fp, sizeof buf);
1522 if (rc < 0) 1495 if (rc)
1523 goto bad; 1496 goto bad;
1524 1497
1525 len = le32_to_cpu(buf[0]); 1498 len = le32_to_cpu(buf[0]);
1526 catdatum->value = le32_to_cpu(buf[1]); 1499 catdatum->value = le32_to_cpu(buf[1]);
1527 catdatum->isalias = le32_to_cpu(buf[2]); 1500 catdatum->isalias = le32_to_cpu(buf[2]);
1528 1501
1502 rc = -ENOMEM;
1529 key = kmalloc(len + 1, GFP_ATOMIC); 1503 key = kmalloc(len + 1, GFP_ATOMIC);
1530 if (!key) { 1504 if (!key)
1531 rc = -ENOMEM;
1532 goto bad; 1505 goto bad;
1533 }
1534 rc = next_entry(key, fp, len); 1506 rc = next_entry(key, fp, len);
1535 if (rc < 0) 1507 if (rc)
1536 goto bad; 1508 goto bad;
1537 key[len] = '\0'; 1509 key[len] = '\0';
1538 1510
1539 rc = hashtab_insert(h, key, catdatum); 1511 rc = hashtab_insert(h, key, catdatum);
1540 if (rc) 1512 if (rc)
1541 goto bad; 1513 goto bad;
1542out: 1514 return 0;
1543 return rc;
1544
1545bad: 1515bad:
1546 cat_destroy(key, catdatum, NULL); 1516 cat_destroy(key, catdatum, NULL);
1547 goto out; 1517 return rc;
1548} 1518}
1549 1519
1550static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) = 1520static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) =
@@ -2066,13 +2036,14 @@ int policydb_read(struct policydb *p, void *fp)
2066 2036
2067 rc = policydb_init(p); 2037 rc = policydb_init(p);
2068 if (rc) 2038 if (rc)
2069 goto out; 2039 return rc;
2070 2040
2071 /* Read the magic number and string length. */ 2041 /* Read the magic number and string length. */
2072 rc = next_entry(buf, fp, sizeof(u32) * 2); 2042 rc = next_entry(buf, fp, sizeof(u32) * 2);
2073 if (rc < 0) 2043 if (rc)
2074 goto bad; 2044 goto bad;
2075 2045
2046 rc = -EINVAL;
2076 if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) { 2047 if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
2077 printk(KERN_ERR "SELinux: policydb magic number 0x%x does " 2048 printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
2078 "not match expected magic number 0x%x\n", 2049 "not match expected magic number 0x%x\n",
@@ -2080,6 +2051,7 @@ int policydb_read(struct policydb *p, void *fp)
2080 goto bad; 2051 goto bad;
2081 } 2052 }
2082 2053
2054 rc = -EINVAL;
2083 len = le32_to_cpu(buf[1]); 2055 len = le32_to_cpu(buf[1]);
2084 if (len != strlen(POLICYDB_STRING)) { 2056 if (len != strlen(POLICYDB_STRING)) {
2085 printk(KERN_ERR "SELinux: policydb string length %d does not " 2057 printk(KERN_ERR "SELinux: policydb string length %d does not "
@@ -2087,19 +2059,23 @@ int policydb_read(struct policydb *p, void *fp)
2087 len, strlen(POLICYDB_STRING)); 2059 len, strlen(POLICYDB_STRING));
2088 goto bad; 2060 goto bad;
2089 } 2061 }
2062
2063 rc = -ENOMEM;
2090 policydb_str = kmalloc(len + 1, GFP_KERNEL); 2064 policydb_str = kmalloc(len + 1, GFP_KERNEL);
2091 if (!policydb_str) { 2065 if (!policydb_str) {
2092 printk(KERN_ERR "SELinux: unable to allocate memory for policydb " 2066 printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
2093 "string of length %d\n", len); 2067 "string of length %d\n", len);
2094 rc = -ENOMEM;
2095 goto bad; 2068 goto bad;
2096 } 2069 }
2070
2097 rc = next_entry(policydb_str, fp, len); 2071 rc = next_entry(policydb_str, fp, len);
2098 if (rc < 0) { 2072 if (rc) {
2099 printk(KERN_ERR "SELinux: truncated policydb string identifier\n"); 2073 printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
2100 kfree(policydb_str); 2074 kfree(policydb_str);
2101 goto bad; 2075 goto bad;
2102 } 2076 }
2077
2078 rc = -EINVAL;
2103 policydb_str[len] = '\0'; 2079 policydb_str[len] = '\0';
2104 if (strcmp(policydb_str, POLICYDB_STRING)) { 2080 if (strcmp(policydb_str, POLICYDB_STRING)) {
2105 printk(KERN_ERR "SELinux: policydb string %s does not match " 2081 printk(KERN_ERR "SELinux: policydb string %s does not match "
@@ -2113,9 +2089,10 @@ int policydb_read(struct policydb *p, void *fp)
2113 2089
2114 /* Read the version and table sizes. */ 2090 /* Read the version and table sizes. */
2115 rc = next_entry(buf, fp, sizeof(u32)*4); 2091 rc = next_entry(buf, fp, sizeof(u32)*4);
2116 if (rc < 0) 2092 if (rc)
2117 goto bad; 2093 goto bad;
2118 2094
2095 rc = -EINVAL;
2119 p->policyvers = le32_to_cpu(buf[0]); 2096 p->policyvers = le32_to_cpu(buf[0]);
2120 if (p->policyvers < POLICYDB_VERSION_MIN || 2097 if (p->policyvers < POLICYDB_VERSION_MIN ||
2121 p->policyvers > POLICYDB_VERSION_MAX) { 2098 p->policyvers > POLICYDB_VERSION_MAX) {
@@ -2128,6 +2105,7 @@ int policydb_read(struct policydb *p, void *fp)
2128 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) { 2105 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
2129 p->mls_enabled = 1; 2106 p->mls_enabled = 1;
2130 2107
2108 rc = -EINVAL;
2131 if (p->policyvers < POLICYDB_VERSION_MLS) { 2109 if (p->policyvers < POLICYDB_VERSION_MLS) {
2132 printk(KERN_ERR "SELinux: security policydb version %d " 2110 printk(KERN_ERR "SELinux: security policydb version %d "
2133 "(MLS) not backwards compatible\n", 2111 "(MLS) not backwards compatible\n",
@@ -2138,14 +2116,19 @@ int policydb_read(struct policydb *p, void *fp)
2138 p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN); 2116 p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN);
2139 p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN); 2117 p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN);
2140 2118
2141 if (p->policyvers >= POLICYDB_VERSION_POLCAP && 2119 if (p->policyvers >= POLICYDB_VERSION_POLCAP) {
2142 ebitmap_read(&p->policycaps, fp) != 0) 2120 rc = ebitmap_read(&p->policycaps, fp);
2143 goto bad; 2121 if (rc)
2122 goto bad;
2123 }
2144 2124
2145 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE && 2125 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE) {
2146 ebitmap_read(&p->permissive_map, fp) != 0) 2126 rc = ebitmap_read(&p->permissive_map, fp);
2147 goto bad; 2127 if (rc)
2128 goto bad;
2129 }
2148 2130
2131 rc = -EINVAL;
2149 info = policydb_lookup_compat(p->policyvers); 2132 info = policydb_lookup_compat(p->policyvers);
2150 if (!info) { 2133 if (!info) {
2151 printk(KERN_ERR "SELinux: unable to find policy compat info " 2134 printk(KERN_ERR "SELinux: unable to find policy compat info "
@@ -2153,6 +2136,7 @@ int policydb_read(struct policydb *p, void *fp)
2153 goto bad; 2136 goto bad;
2154 } 2137 }
2155 2138
2139 rc = -EINVAL;
2156 if (le32_to_cpu(buf[2]) != info->sym_num || 2140 if (le32_to_cpu(buf[2]) != info->sym_num ||
2157 le32_to_cpu(buf[3]) != info->ocon_num) { 2141 le32_to_cpu(buf[3]) != info->ocon_num) {
2158 printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do " 2142 printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
@@ -2164,7 +2148,7 @@ int policydb_read(struct policydb *p, void *fp)
2164 2148
2165 for (i = 0; i < info->sym_num; i++) { 2149 for (i = 0; i < info->sym_num; i++) {
2166 rc = next_entry(buf, fp, sizeof(u32)*2); 2150 rc = next_entry(buf, fp, sizeof(u32)*2);
2167 if (rc < 0) 2151 if (rc)
2168 goto bad; 2152 goto bad;
2169 nprim = le32_to_cpu(buf[0]); 2153 nprim = le32_to_cpu(buf[0]);
2170 nel = le32_to_cpu(buf[1]); 2154 nel = le32_to_cpu(buf[1]);
@@ -2188,60 +2172,58 @@ int policydb_read(struct policydb *p, void *fp)
2188 } 2172 }
2189 2173
2190 rc = next_entry(buf, fp, sizeof(u32)); 2174 rc = next_entry(buf, fp, sizeof(u32));
2191 if (rc < 0) 2175 if (rc)
2192 goto bad; 2176 goto bad;
2193 nel = le32_to_cpu(buf[0]); 2177 nel = le32_to_cpu(buf[0]);
2194 ltr = NULL; 2178 ltr = NULL;
2195 for (i = 0; i < nel; i++) { 2179 for (i = 0; i < nel; i++) {
2180 rc = -ENOMEM;
2196 tr = kzalloc(sizeof(*tr), GFP_KERNEL); 2181 tr = kzalloc(sizeof(*tr), GFP_KERNEL);
2197 if (!tr) { 2182 if (!tr)
2198 rc = -ENOMEM;
2199 goto bad; 2183 goto bad;
2200 }
2201 if (ltr) 2184 if (ltr)
2202 ltr->next = tr; 2185 ltr->next = tr;
2203 else 2186 else
2204 p->role_tr = tr; 2187 p->role_tr = tr;
2205 rc = next_entry(buf, fp, sizeof(u32)*3); 2188 rc = next_entry(buf, fp, sizeof(u32)*3);
2206 if (rc < 0) 2189 if (rc)
2207 goto bad; 2190 goto bad;
2191
2192 rc = -EINVAL;
2208 tr->role = le32_to_cpu(buf[0]); 2193 tr->role = le32_to_cpu(buf[0]);
2209 tr->type = le32_to_cpu(buf[1]); 2194 tr->type = le32_to_cpu(buf[1]);
2210 tr->new_role = le32_to_cpu(buf[2]); 2195 tr->new_role = le32_to_cpu(buf[2]);
2211 if (!policydb_role_isvalid(p, tr->role) || 2196 if (!policydb_role_isvalid(p, tr->role) ||
2212 !policydb_type_isvalid(p, tr->type) || 2197 !policydb_type_isvalid(p, tr->type) ||
2213 !policydb_role_isvalid(p, tr->new_role)) { 2198 !policydb_role_isvalid(p, tr->new_role))
2214 rc = -EINVAL;
2215 goto bad; 2199 goto bad;
2216 }
2217 ltr = tr; 2200 ltr = tr;
2218 } 2201 }
2219 2202
2220 rc = next_entry(buf, fp, sizeof(u32)); 2203 rc = next_entry(buf, fp, sizeof(u32));
2221 if (rc < 0) 2204 if (rc)
2222 goto bad; 2205 goto bad;
2223 nel = le32_to_cpu(buf[0]); 2206 nel = le32_to_cpu(buf[0]);
2224 lra = NULL; 2207 lra = NULL;
2225 for (i = 0; i < nel; i++) { 2208 for (i = 0; i < nel; i++) {
2209 rc = -ENOMEM;
2226 ra = kzalloc(sizeof(*ra), GFP_KERNEL); 2210 ra = kzalloc(sizeof(*ra), GFP_KERNEL);
2227 if (!ra) { 2211 if (!ra)
2228 rc = -ENOMEM;
2229 goto bad; 2212 goto bad;
2230 }
2231 if (lra) 2213 if (lra)
2232 lra->next = ra; 2214 lra->next = ra;
2233 else 2215 else
2234 p->role_allow = ra; 2216 p->role_allow = ra;
2235 rc = next_entry(buf, fp, sizeof(u32)*2); 2217 rc = next_entry(buf, fp, sizeof(u32)*2);
2236 if (rc < 0) 2218 if (rc)
2237 goto bad; 2219 goto bad;
2220
2221 rc = -EINVAL;
2238 ra->role = le32_to_cpu(buf[0]); 2222 ra->role = le32_to_cpu(buf[0]);
2239 ra->new_role = le32_to_cpu(buf[1]); 2223 ra->new_role = le32_to_cpu(buf[1]);
2240 if (!policydb_role_isvalid(p, ra->role) || 2224 if (!policydb_role_isvalid(p, ra->role) ||
2241 !policydb_role_isvalid(p, ra->new_role)) { 2225 !policydb_role_isvalid(p, ra->new_role))
2242 rc = -EINVAL;
2243 goto bad; 2226 goto bad;
2244 }
2245 lra = ra; 2227 lra = ra;
2246 } 2228 }
2247 2229
@@ -2253,13 +2235,14 @@ int policydb_read(struct policydb *p, void *fp)
2253 if (rc) 2235 if (rc)
2254 goto bad; 2236 goto bad;
2255 2237
2238 rc = -EINVAL;
2256 p->process_class = string_to_security_class(p, "process"); 2239 p->process_class = string_to_security_class(p, "process");
2257 if (!p->process_class) 2240 if (!p->process_class)
2258 goto bad; 2241 goto bad;
2259 p->process_trans_perms = string_to_av_perm(p, p->process_class, 2242
2260 "transition"); 2243 rc = -EINVAL;
2261 p->process_trans_perms |= string_to_av_perm(p, p->process_class, 2244 p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition");
2262 "dyntransition"); 2245 p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition");
2263 if (!p->process_trans_perms) 2246 if (!p->process_trans_perms)
2264 goto bad; 2247 goto bad;
2265 2248
@@ -2312,8 +2295,6 @@ int policydb_read(struct policydb *p, void *fp)
2312out: 2295out:
2313 return rc; 2296 return rc;
2314bad: 2297bad:
2315 if (!rc)
2316 rc = -EINVAL;
2317 policydb_destroy(p); 2298 policydb_destroy(p);
2318 goto out; 2299 goto out;
2319} 2300}
@@ -3076,7 +3057,7 @@ int policydb_write(struct policydb *p, void *fp)
3076 if (!info) { 3057 if (!info) {
3077 printk(KERN_ERR "SELinux: compatibility lookup failed for policy " 3058 printk(KERN_ERR "SELinux: compatibility lookup failed for policy "
3078 "version %d", p->policyvers); 3059 "version %d", p->policyvers);
3079 return rc; 3060 return -EINVAL;
3080 } 3061 }
3081 3062
3082 buf[0] = cpu_to_le32(p->policyvers); 3063 buf[0] = cpu_to_le32(p->policyvers);