On Fri, Feb 27, 2015 at 8:15 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> On 02/26/2015 04:54 PM, Jeff Vander Stoep wrote:
>> Commit f01e1af445fa ("selinux: don't pass in NULL avd to avc_has_perm_noaudit")
>> made this pointer reassignment unnecessary. Avd should continue to reference
>> the stack-based copy.
>>
>> Signed-off-by: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
>
> Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
Thanks everyone for the patch and the review. I'll merge this next
week into selinux#next.
>> ---
>> security/selinux/avc.c | 6 ++----
>> 1 file changed, 2 insertions(+), 4 deletions(-)
>>
>> diff --git a/security/selinux/avc.c b/security/selinux/avc.c
>> index afcc0ae..3c17dda 100644
>> --- a/security/selinux/avc.c
>> +++ b/security/selinux/avc.c
>> @@ -724,12 +724,10 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
>> rcu_read_lock();
>>
>> node = avc_lookup(ssid, tsid, tclass);
>> - if (unlikely(!node)) {
>> + if (unlikely(!node))
>> node = avc_compute_av(ssid, tsid, tclass, avd);
>> - } else {
>> + else
>> memcpy(avd, &node->ae.avd, sizeof(*avd));
>> - avd = &node->ae.avd;
>> - }
>>
>> denied = requested & ~(avd->allowed);
>> if (unlikely(denied))
>>
>
--
paul moore
www.paul-moore.com
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
