Commit 9b6a9ecc authored Sep 10, 2016 by Wei Yongjun Committed by Paul Moore Sep 13, 2016

selinux: fix error return code in policydb_read()



Fix to return error code -EINVAL from the error handling case instead
of 0 (rc is overwrite to 0 when policyvers >=
POLICYDB_VERSION_ROLETRANS), as done elsewhere in this function.

Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
[PM: normalize "selinux" in patch subject, description line wrap]
Signed-off-by: Paul Moore <paul@paul-moore.com>

parent 7c686af0

security/selinux/ss/policydb.c

+1 −0

Original line number	Original line	Diff line number	Diff line
	@@ -2417,6 +2417,7 @@ int policydb_read(struct policydb p, void fp)
	} else		} else
	tr->tclass = p->process_class;		tr->tclass = p->process_class;

			rc = -EINVAL;
	if (!policydb_role_isvalid(p, tr->role) \|\|		if (!policydb_role_isvalid(p, tr->role) \|\|
	!policydb_type_isvalid(p, tr->type) \|\|		!policydb_type_isvalid(p, tr->type) \|\|
	!policydb_class_isvalid(p, tr->tclass) \|\|		!policydb_class_isvalid(p, tr->tclass) \|\|