selinux: fix error codes in cond_read_av_list()

After this patch cond_read_av_list() no longer returns -1 for any errors. It just propagates error code back from lower levels. Those can either be -EINVAL or -ENOMEM. I also modified cond_insertf() since cond_read_av_list() passes that as a function pointer to avtab_read_item(). It isn't used anywhere else. Signed-off-by: Dan Carpenter <error27@gmail.com> Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
author: Dan Carpenter <error27@gmail.com> 2010-06-12 14:52:19 -0400
committer: James Morris <jmorris@namei.org> 2010-08-02 01:35:02 -0400
commit: 9d623b17a740d5a85c12108cdc71c64fb15484fc (patch)
tree: 15434839a75f9c46c53a201520c6c859fad3c74b /security
parent: 5241c1074f6e2f2276d45d857eb5d19fbdc2e4b2 (diff)
1 files changed, 8 insertions, 6 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 775418aa0a8e..aac40c7ff28c 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -263,7 +263,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
        struct cond_av_list *other = data->other, *list, *cur;
        struct avtab_node *node_ptr;
        u8 found;
+        int rc = -EINVAL;
        /*
         * For type rules we have to make certain there aren't any
@@ -313,12 +313,15 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
        node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
        if (!node_ptr) {
                printk(KERN_ERR "SELinux: could not insert rule.\n");
+                rc = -ENOMEM;
                goto err;
        }
        list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);
-        if (!list)
+        if (!list) {
+                rc = -ENOMEM;
                goto err;
+        }
        list->node = node_ptr;
        if (!data->head)
@@ -331,7 +334,7 @@ static int cond_insertf(struct avtab *a, struct avtab_key *k, struct avtab_datum
 err:
        cond_av_list_destroy(data->head);
        data->head = NULL;
-        return -1;
+        return rc;
 }
 static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list **ret_list, struct cond_av_list *other)
@@ -345,8 +348,8 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
        len = 0;
        rc = next_entry(buf, fp, sizeof(u32));
-        if (rc < 0)
+        if (rc)
-                return -1;
+                return rc;
        len = le32_to_cpu(buf[0]);
        if (len == 0)
@@ -361,7 +364,6 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
                                     &data);
                if (rc)
                        return rc;
        }
        *ret_list = data.head;
author	Dan Carpenter <error27@gmail.com>	2010-06-12 14:52:19 -0400
committer	James Morris <jmorris@namei.org>	2010-08-02 01:35:02 -0400
commit	9d623b17a740d5a85c12108cdc71c64fb15484fc (patch)
tree	15434839a75f9c46c53a201520c6c859fad3c74b /security
parent	5241c1074f6e2f2276d45d857eb5d19fbdc2e4b2 (diff)

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index 775418aa0a8e..aac40c7ff28c 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c
@@ -263,7 +263,7 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
263	struct cond_av_list other = data->other, list, *cur;	263	struct cond_av_list other = data->other, list, *cur;
264	struct avtab_node *node_ptr;	264	struct avtab_node *node_ptr;
265	u8 found;	265	u8 found;
266		266	int rc = -EINVAL;
267		267
268	/*	268	/*
269	* For type rules we have to make certain there aren't any	269	* For type rules we have to make certain there aren't any
@@ -313,12 +313,15 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
313	node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);	313	node_ptr = avtab_insert_nonunique(&p->te_cond_avtab, k, d);
314	if (!node_ptr) {	314	if (!node_ptr) {
315	printk(KERN_ERR "SELinux: could not insert rule.\n");	315	printk(KERN_ERR "SELinux: could not insert rule.\n");
		316	rc = -ENOMEM;
316	goto err;	317	goto err;
317	}	318	}
318		319
319	list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);	320	list = kzalloc(sizeof(struct cond_av_list), GFP_KERNEL);
320	if (!list)	321	if (!list) {
		322	rc = -ENOMEM;
321	goto err;	323	goto err;
		324	}
322		325
323	list->node = node_ptr;	326	list->node = node_ptr;
324	if (!data->head)	327	if (!data->head)
@@ -331,7 +334,7 @@ static int cond_insertf(struct avtab a, struct avtab_key k, struct avtab_datum
331	err:	334	err:
332	cond_av_list_destroy(data->head);	335	cond_av_list_destroy(data->head);
333	data->head = NULL;	336	data->head = NULL;
334	return -1;	337	return rc;
335	}	338	}
336		339
337	static int cond_read_av_list(struct policydb p, void fp, struct cond_av_list *ret_list, struct cond_av_list other)	340	static int cond_read_av_list(struct policydb p, void fp, struct cond_av_list *ret_list, struct cond_av_list other)
@@ -345,8 +348,8 @@ static int cond_read_av_list(struct policydb p, void fp, struct cond_av_list *
345		348
346	len = 0;	349	len = 0;
347	rc = next_entry(buf, fp, sizeof(u32));	350	rc = next_entry(buf, fp, sizeof(u32));
348	if (rc < 0)	351	if (rc)
349	return -1;	352	return rc;
350		353
351	len = le32_to_cpu(buf[0]);	354	len = le32_to_cpu(buf[0]);
352	if (len == 0)	355	if (len == 0)
@@ -361,7 +364,6 @@ static int cond_read_av_list(struct policydb p, void fp, struct cond_av_list *
361	&data);	364	&data);
362	if (rc)	365	if (rc)
363	return rc;	366	return rc;
364
365	}	367	}
366		368
367	*ret_list = data.head;	369	*ret_list = data.head;