summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJaihind Yadav <jaihindyadav@codeaurora.org>2019-12-17 17:25:47 +0530
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2020-02-24 08:34:43 +0100
commit7742c3e9db41b1add4570c146b4bb429ce8ee610 (patch)
tree4b5e0048c52a320c4c16ba5e23a8475e316fbec7 /security
parent69941019d9dd0af7d440b108fbdf44c6f7c0a2f0 (diff)
downloadlinux-stable-7742c3e9db41b1add4570c146b4bb429ce8ee610.tar.gz
linux-stable-7742c3e9db41b1add4570c146b4bb429ce8ee610.tar.bz2
linux-stable-7742c3e9db41b1add4570c146b4bb429ce8ee610.zip
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
[ Upstream commit 030b995ad9ece9fa2d218af4429c1c78c2342096 ] In AVC update we don't call avc_node_kill() when avc_xperms_populate() fails, resulting in the avc->avc_cache.active_nodes counter having a false value. In last patch this changes was missed , so correcting it. Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls") Signed-off-by: Jaihind Yadav <jaihindyadav@codeaurora.org> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> [PM: merge fuzz, minor description cleanup] Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/avc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 83eef39c8a79..d52be7b9f08c 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -896,7 +896,7 @@ static int avc_update_node(struct selinux_avc *avc,
if (orig->ae.xp_node) {
rc = avc_xperms_populate(node, orig->ae.xp_node);
if (rc) {
- kmem_cache_free(avc_node_cachep, node);
+ avc_node_kill(avc, node);
goto out_unlock;
}
}