diff options
author | Jaihind Yadav <jaihindyadav@codeaurora.org> | 2019-12-17 12:55:47 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2019-12-21 16:59:21 +0100 |
commit | 030b995ad9ece9fa2d218af4429c1c78c2342096 (patch) | |
tree | 1c016af4c1ac6e03442fd29e613240450e3871cf | |
parent | selinux: randomize layout of key structures (diff) | |
download | linux-030b995ad9ece9fa2d218af4429c1c78c2342096.tar.xz linux-030b995ad9ece9fa2d218af4429c1c78c2342096.zip |
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
In AVC update we don't call avc_node_kill() when avc_xperms_populate()
fails, resulting in the avc->avc_cache.active_nodes counter having a
false value. In last patch this changes was missed , so correcting it.
Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls")
Signed-off-by: Jaihind Yadav <jaihindyadav@codeaurora.org>
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
[PM: merge fuzz, minor description cleanup]
Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r-- | security/selinux/avc.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 6646300f7ccb..d18cb32a242a 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -891,7 +891,7 @@ static int avc_update_node(struct selinux_avc *avc, if (orig->ae.xp_node) { rc = avc_xperms_populate(node, orig->ae.xp_node); if (rc) { - kmem_cache_free(avc_node_cachep, node); + avc_node_kill(avc, node); goto out_unlock; } } |