From f655aadc24f06a4cf600c2d96fb513351b02cbe4 Mon Sep 17 00:00:00 2001 From: Jeff Mahoney <jeffm@novell.com> Date: Thu, 18 Nov 2004 22:41:23 -0800 Subject: [PATCH] [PATCH] selinux: cache not freed if load_policy fails; reload BUG's If security_load_policy() fails on the first try, the cache is never cleaned up. When the policy is fixed and a reload is attempted, the old cache will still exist, causing a BUG() in kmem_cache_create(). This patch adds a destroy operation to clean up the cache on failure. Signed-off-by: Jeff Mahoney <jeffm@novell.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org> --- security/selinux/ss/avtab.c | 5 +++++ security/selinux/ss/avtab.h | 1 + security/selinux/ss/services.c | 2 ++ 3 files changed, 8 insertions(+) diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c index 66fbdbb58be8..bcfec76741f7 100644 --- a/security/selinux/ss/avtab.c +++ b/security/selinux/ss/avtab.c @@ -407,3 +407,8 @@ void avtab_cache_init(void) sizeof(struct avtab_node), 0, SLAB_PANIC, NULL, NULL); } + +void avtab_cache_destroy(void) +{ + kmem_cache_destroy (avtab_node_cachep); +} diff --git a/security/selinux/ss/avtab.h b/security/selinux/ss/avtab.h index f1d17575d926..f636ac844a48 100644 --- a/security/selinux/ss/avtab.h +++ b/security/selinux/ss/avtab.h @@ -79,6 +79,7 @@ struct avtab_node *avtab_search_node(struct avtab *h, struct avtab_key *key, int struct avtab_node *avtab_search_node_next(struct avtab_node *node, int specified); void avtab_cache_init(void); +void avtab_cache_destroy(void); #define AVTAB_HASH_BITS 15 #define AVTAB_HASH_BUCKETS (1 << AVTAB_HASH_BITS) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index cad425719719..97341688c5dd 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1037,11 +1037,13 @@ int security_load_policy(void *data, size_t len) avtab_cache_init(); if (policydb_read(&policydb, fp)) { LOAD_UNLOCK; + avtab_cache_destroy(); return -EINVAL; } if (policydb_load_isids(&policydb, &sidtab)) { LOAD_UNLOCK; policydb_destroy(&policydb); + avtab_cache_destroy(); return -EINVAL; } ss_initialized = 1; -- 2.30.9