[PATCH][SELINUX] Fix error handling code for policy load

[Stephen Smalley]

This patch against 2.6.11-rc1-bk1 fixes several bugs in the error
handling code for SELinux policy loading that were introduced by my
earlier patch to eliminate unaligned accesses by that code.  Please
apply.

Signed-off-by:  Stephen Smalley <sds@xxxxxxxxxxxxxx>

 security/selinux/ss/avtab.c    |    4 +++-
 security/selinux/ss/ebitmap.c  |    6 ++++--
 security/selinux/ss/policydb.c |    9 +++++++--
 3 files changed, 14 insertions(+), 5 deletions(-)

Index: linux-2.6/security/selinux/ss/avtab.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/ss/avtab.c,v
retrieving revision 1.22
diff -u -p -r1.22 avtab.c
--- linux-2.6/security/selinux/ss/avtab.c	8 Dec 2004 14:27:45 -0000	1.22
+++ linux-2.6/security/selinux/ss/avtab.c	11 Jan 2005 20:58:27 -0000
@@ -386,8 +386,10 @@ int avtab_read(struct avtab *a, void *fp
 		goto bad;
 	}
 	for (i = 0; i < nel; i++) {
-		if (avtab_read_item(fp, &avdatum, &avkey))
+		if (avtab_read_item(fp, &avdatum, &avkey)) {
+			rc = -EINVAL;
 			goto bad;
+		}
 		rc = avtab_insert(a, &avkey, &avdatum);
 		if (rc) {
 			if (rc == -ENOMEM)
Index: linux-2.6/security/selinux/ss/ebitmap.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/ss/ebitmap.c,v
retrieving revision 1.15
diff -u -p -r1.15 ebitmap.c
--- linux-2.6/security/selinux/ss/ebitmap.c	8 Dec 2004 14:27:45 -0000	1.15
+++ linux-2.6/security/selinux/ss/ebitmap.c	11 Jan 2005 20:56:40 -0000
@@ -237,7 +237,7 @@ void ebitmap_destroy(struct ebitmap *e)
 
 int ebitmap_read(struct ebitmap *e, void *fp)
 {
-	int rc = -EINVAL;
+	int rc;
 	struct ebitmap_node *n, *l;
 	u32 buf[3], mapsize, count, i;
 	u64 map;
@@ -256,7 +256,7 @@ int ebitmap_read(struct ebitmap *e, void
 		printk(KERN_ERR "security: ebitmap: map size %u does not "
 		       "match my size %Zd (high bit was %d)\n", mapsize,
 		       MAPSIZE, e->highbit);
-		goto out;
+		goto bad;
 	}
 	if (!e->highbit) {
 		e->node = NULL;
@@ -329,6 +329,8 @@ out:
 bad_free:
 	kfree(n);
 bad:
+	if (!rc)
+		rc = -EINVAL;
 	ebitmap_destroy(e);
 	goto out;
 }
Index: linux-2.6/security/selinux/ss/policydb.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/security/selinux/ss/policydb.c,v
retrieving revision 1.34
diff -u -p -r1.34 policydb.c
--- linux-2.6/security/selinux/ss/policydb.c	8 Dec 2004 14:27:45 -0000	1.34
+++ linux-2.6/security/selinux/ss/policydb.c	11 Jan 2005 20:51:20 -0000
@@ -832,7 +832,6 @@ static int class_read(struct policydb *p
 	}
 
 	lc = NULL;
-	rc = -EINVAL;
 	for (i = 0; i < ncons; i++) {
 		c = kmalloc(sizeof(*c), GFP_KERNEL);
 		if (!c) {
@@ -875,6 +874,7 @@ static int class_read(struct policydb *p
 			e->attr = le32_to_cpu(buf[1]);
 			e->op = le32_to_cpu(buf[2]);
 
+			rc = -EINVAL;
 			switch (e->expr_type) {
 			case CEXPR_NOT:
 				if (depth < 0)
@@ -915,6 +915,8 @@ static int class_read(struct policydb *p
 	rc = hashtab_insert(h, key, cladatum);
 	if (rc)
 		goto bad;
+
+	rc = 0;
 out:
 	return rc;
 bad:
@@ -1110,7 +1112,6 @@ int policydb_read(struct policydb *p, vo
 	if (rc)
 		goto out;
 
-	rc = -EINVAL;
 	/* Read the magic number and string length. */
 	rc = next_entry(buf, fp, sizeof(u32)* 2);
 	if (rc < 0)
@@ -1503,12 +1504,16 @@ int policydb_read(struct policydb *p, vo
 	rc = mls_read_trusted(p, fp);
 	if (rc)
 		goto bad;
+	
+	rc = 0;
 out:
 	policydb_loaded_version = r_policyvers;
 	return rc;
 bad_newc:
 	ocontext_destroy(newc,OCON_FSUSE);
 bad:
+	if (!rc)
+		rc = -EINVAL;
 	policydb_destroy(p);
 	goto out;
 }

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/