| From 31bcf45c3b9abce9e876fb1356bbb235dc8479ec Mon Sep 17 00:00:00 2001 |
| From: Sasha Levin <sashal@kernel.org> |
| Date: Tue, 17 Dec 2019 17:25:47 +0530 |
| Subject: selinux: ensure we cleanup the internal AVC counters on error in |
| avc_update() |
| |
| From: Jaihind Yadav <jaihindyadav@codeaurora.org> |
| |
| [ Upstream commit 030b995ad9ece9fa2d218af4429c1c78c2342096 ] |
| |
| In AVC update we don't call avc_node_kill() when avc_xperms_populate() |
| fails, resulting in the avc->avc_cache.active_nodes counter having a |
| false value. In last patch this changes was missed , so correcting it. |
| |
| Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls") |
| Signed-off-by: Jaihind Yadav <jaihindyadav@codeaurora.org> |
| Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> |
| [PM: merge fuzz, minor description cleanup] |
| Signed-off-by: Paul Moore <paul@paul-moore.com> |
| Signed-off-by: Sasha Levin <sashal@kernel.org> |
| --- |
| security/selinux/avc.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| diff --git a/security/selinux/avc.c b/security/selinux/avc.c |
| index 6646300f7ccb2..d18cb32a242ae 100644 |
| --- a/security/selinux/avc.c |
| +++ b/security/selinux/avc.c |
| @@ -891,7 +891,7 @@ static int avc_update_node(struct selinux_avc *avc, |
| if (orig->ae.xp_node) { |
| rc = avc_xperms_populate(node, orig->ae.xp_node); |
| if (rc) { |
| - kmem_cache_free(avc_node_cachep, node); |
| + avc_node_kill(avc, node); |
| goto out_unlock; |
| } |
| } |
| -- |
| 2.20.1 |
| |