selinux: load the initial SIDs upon every policy load (42596eaf) · Commits · e / devices / android_kernel_oneplus_sm7250

security/selinux/ss/services.c

+12 −4

Original line number	Diff line number	Diff line
		@@ -1506,7 +1506,10 @@ static int clone_sid(u32 sid,
		{
		struct sidtab *s = arg;

		if (sid > SECINITSID_NUM)
		return sidtab_insert(s, sid, context);
		else
		return 0;
		}

		static inline int convert_context_handle_invalid_context(struct context *context)
		@@ -1552,7 +1555,10 @@ static int convert_context(u32 key,
		struct user_datum *usrdatum;
		char *s;
		u32 len;
		int rc;
		int rc = 0;

		if (key <= SECINITSID_NUM)
		goto out;

		args = p;

		@@ -1712,9 +1718,11 @@ int security_load_policy(void *data, size_t len)
		if (policydb_read(&newpolicydb, fp))
		return -EINVAL;

		if (sidtab_init(&newsidtab)) {
		rc = policydb_load_isids(&newpolicydb, &newsidtab);
		if (rc) {
		printk(KERN_ERR "SELinux: unable to load the initial SIDs\n");
		policydb_destroy(&newpolicydb);
		return -ENOMEM;
		return rc;
		}

		if (selinux_set_mapping(&newpolicydb, secclass_map,