Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fd33af95 authored by Paul Moore's avatar Paul Moore Committed by Gerrit - the friendly Code Review server
Browse files

selinux: ensure we cleanup the internal AVC counters on error in avc_insert() 



Fix avc_insert() to call avc_node_kill() if we've already allocated
an AVC node and the code fails to insert the node in the cache.

Fixes: fa1aa143 ("selinux: extended permissions for ioctls")
Reported-by: default avatar <rsiddoji@codeaurora.org>
Suggested-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com&gt;.>

Git-repo: https://www.spinics.net/lists/selinux/msg29616.html


Git-commit: d8db60cb23e49a92cf8cada3297395c7fa50fdf8
Change-Id: I655e9f3dc8e260371090e908588223cdbc064914
Signed-off-by: default avatarRavi Kumar Siddojigari <rsiddoji@codeaurora.org>
parent e4f5f922

security/selinux/avc.c

+25 −27
Original line number Diff line number Diff line
@@ -691,26 +691,25 @@ static struct avc_node *avc_insert(struct selinux_avc *avc, 
	struct avc_node *pos, *node = NULL;

	int hvalue;

	unsigned long flag;

	spinlock_t *lock;

	struct hlist_head *head;



	if (avc_latest_notif_update(avc, avd->seqno, 1))

		goto out;

		return NULL;



	node = avc_alloc_node(avc);

	if (node) {

		struct hlist_head *head;

		spinlock_t *lock;

		int rc = 0;

	if (!node)

		return NULL;



		hvalue = avc_hash(ssid, tsid, tclass);

	avc_node_populate(node, ssid, tsid, tclass, avd);

		rc = avc_xperms_populate(node, xp_node);

		if (rc) {

			kmem_cache_free(avc_node_cachep, node);

	if (avc_xperms_populate(node, xp_node)) {

		avc_node_kill(avc, node);

		return NULL;

	}



	hvalue = avc_hash(ssid, tsid, tclass);

	head = &avc->avc_cache.slots[hvalue];

	lock = &avc->avc_cache.slots_lock[hvalue];



	spin_lock_irqsave(lock, flag);

	hlist_for_each_entry(pos, head, list) {

		if (pos->ae.ssid == ssid &&
@@ -720,11 +719,10 @@ static struct avc_node *avc_insert(struct selinux_avc *avc, 
			goto found;

		}

	}



	hlist_add_head_rcu(&node->list, head);

found:

	spin_unlock_irqrestore(lock, flag);

	}

out:

	return node;

}