From f655aadc24f06a4cf600c2d96fb513351b02cbe4 Mon Sep 17 00:00:00 2001
From: Jeff Mahoney <jeffm@novell.com>
Date: Thu, 18 Nov 2004 22:41:23 -0800
Subject: [PATCH] [PATCH] selinux: cache not freed if load_policy fails; reload
 BUG's

If security_load_policy() fails on the first try, the cache is never cleaned
up. When the policy is fixed and a reload is attempted, the old cache will
still exist, causing a BUG() in kmem_cache_create().

This patch adds a destroy operation to clean up the cache on failure.

Signed-off-by: Jeff Mahoney <jeffm@novell.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
 security/selinux/ss/avtab.c    | 5 +++++
 security/selinux/ss/avtab.h    | 1 +
 security/selinux/ss/services.c | 2 ++
 3 files changed, 8 insertions(+)

diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index 66fbdbb58be8..bcfec76741f7 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -407,3 +407,8 @@ void avtab_cache_init(void)
 					      sizeof(struct avtab_node),
 					      0, SLAB_PANIC, NULL, NULL);
 }
+
+void avtab_cache_destroy(void)
+{
+	kmem_cache_destroy (avtab_node_cachep);
+}
diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h
index f1d17575d926..f636ac844a48 100644
--- a/security/selinux/ss/avtab.h
+++ b/security/selinux/ss/avtab.h
@@ -79,6 +79,7 @@ struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_key *key, int
 struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified);
 
 void avtab_cache_init(void);
+void avtab_cache_destroy(void);
 
 #define AVTAB_HASH_BITS 15
 #define AVTAB_HASH_BUCKETS (1 << AVTAB_HASH_BITS)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index cad425719719..97341688c5dd 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1037,11 +1037,13 @@ int security_load_policy(void *data, size_t len)
 		avtab_cache_init();
 		if (policydb_read(&policydb, fp)) {
 			LOAD_UNLOCK;
+			avtab_cache_destroy();
 			return -EINVAL;
 		}
 		if (policydb_load_isids(&policydb, &sidtab)) {
 			LOAD_UNLOCK;
 			policydb_destroy(&policydb);
+			avtab_cache_destroy();
 			return -EINVAL;
 		}
 		ss_initialized = 1;
-- 
2.30.9