summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJaihind Yadav <jaihindyadav@codeaurora.org>2019-12-17 12:55:47 +0100
committerPaul Moore <paul@paul-moore.com>2019-12-21 16:59:21 +0100
commit030b995ad9ece9fa2d218af4429c1c78c2342096 (patch)
tree1c016af4c1ac6e03442fd29e613240450e3871cf
parentselinux: randomize layout of key structures (diff)
downloadlinux-030b995ad9ece9fa2d218af4429c1c78c2342096.tar.xz
linux-030b995ad9ece9fa2d218af4429c1c78c2342096.zip
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
In AVC update we don't call avc_node_kill() when avc_xperms_populate() fails, resulting in the avc->avc_cache.active_nodes counter having a false value. In last patch this changes was missed , so correcting it. Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls") Signed-off-by: Jaihind Yadav <jaihindyadav@codeaurora.org> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> [PM: merge fuzz, minor description cleanup] Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r--security/selinux/avc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 6646300f7ccb..d18cb32a242a 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -891,7 +891,7 @@ static int avc_update_node(struct selinux_avc *avc,
if (orig->ae.xp_node) {
rc = avc_xperms_populate(node, orig->ae.xp_node);
if (rc) {
- kmem_cache_free(avc_node_cachep, node);
+ avc_node_kill(avc, node);
goto out_unlock;
}
}