mirror of https://gitee.com/openkylin/linux.git
selinux: fix handling of uninitialized selinux state in get_bools/classes
If security_get_bools/classes are called before the selinux state is initialized (i.e. before first policy load), then they should just return immediately with no booleans/classes. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
d3cc2cd7c8
commit
274f62e1e5
|
@ -2811,6 +2811,13 @@ int security_get_bools(struct selinux_state *state,
|
|||
struct policydb *policydb;
|
||||
int i, rc;
|
||||
|
||||
if (!state->initialized) {
|
||||
*len = 0;
|
||||
*names = NULL;
|
||||
*values = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
read_lock(&state->ss->policy_rwlock);
|
||||
|
||||
policydb = &state->ss->policydb;
|
||||
|
@ -3141,6 +3148,12 @@ int security_get_classes(struct selinux_state *state,
|
|||
struct policydb *policydb = &state->ss->policydb;
|
||||
int rc;
|
||||
|
||||
if (!state->initialized) {
|
||||
*nclasses = 0;
|
||||
*classes = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
read_lock(&state->ss->policy_rwlock);
|
||||
|
||||
rc = -ENOMEM;
|
||||
|
|
Loading…
Reference in New Issue