SELinux: fix locking issue introduced with c6d3aaa4e3

Ensure that we release the policy read lock on all exit paths from
security_compute_av.

Signed-off-by:  Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Stephen Smalley 2009-10-19 10:08:50 -04:00 committed by James Morris
parent 825332e4ff
commit b7f3008ad1

View file

@ -935,19 +935,22 @@ int security_compute_av(u32 ssid,
u32 requested;
int rc;
read_lock(&policy_rwlock);
if (!ss_initialized)
goto allow;
read_lock(&policy_rwlock);
requested = unmap_perm(orig_tclass, orig_requested);
tclass = unmap_class(orig_tclass);
if (unlikely(orig_tclass && !tclass)) {
if (policydb.allow_unknown)
goto allow;
return -EINVAL;
rc = -EINVAL;
goto out;
}
rc = security_compute_av_core(ssid, tsid, tclass, requested, avd);
map_decision(orig_tclass, avd, policydb.allow_unknown);
out:
read_unlock(&policy_rwlock);
return rc;
allow:
@ -956,7 +959,8 @@ allow:
avd->auditdeny = 0xffffffff;
avd->seqno = latest_granting;
avd->flags = 0;
return 0;
rc = 0;
goto out;
}
int security_compute_av_user(u32 ssid,