selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_ne…

…tlbl_cat() Move the NetLabel secattr MLS category import logic into mls_import_netlbl_cat() where it belongs, and use the mls_import_netlbl_cat() function in security_netlbl_secattr_to_sid(). Reported-by: Rickard Strandqvist <[email protected]> Signed-off-by: Paul Moore <[email protected]>
lucamilanesio · Apr 7, 2015 · da8026f · da8026f
1 parent 83d4a80
commit da8026f
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 12 deletions.
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
@@ -654,19 +654,15 @@ int mls_import_netlbl_cat(struct context *context,
 
 	rc = ebitmap_netlbl_import(&context->range.level[0].cat,
 				   secattr->attr.mls.cat);
-	if (rc != 0)
-		goto import_netlbl_cat_failure;
-
-	rc = ebitmap_cpy(&context->range.level[1].cat,
-			 &context->range.level[0].cat);
-	if (rc != 0)
+	if (rc)
 		goto import_netlbl_cat_failure;
+	memcpy(&context->range.level[1].cat, &context->range.level[0].cat,
+	       sizeof(context->range.level[0].cat));
 
 	return 0;
 
 import_netlbl_cat_failure:
 	ebitmap_destroy(&context->range.level[0].cat);
-	ebitmap_destroy(&context->range.level[1].cat);
 	return rc;
 }
 #endif /* CONFIG_NETLABEL */
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
@@ -3179,13 +3179,9 @@ int security_netlbl_secattr_to_sid(struct netlbl_lsm_secattr *secattr,
 		ctx_new.type = ctx->type;
 		mls_import_netlbl_lvl(&ctx_new, secattr);
 		if (secattr->flags & NETLBL_SECATTR_MLS_CAT) {
-			rc = ebitmap_netlbl_import(&ctx_new.range.level[0].cat,
-						   secattr->attr.mls.cat);
+			rc = mls_import_netlbl_cat(&ctx_new, secattr);
 			if (rc)
 				goto out;
-			memcpy(&ctx_new.range.level[1].cat,
-			       &ctx_new.range.level[0].cat,
-			       sizeof(ctx_new.range.level[0].cat));
 		}
 		rc = -EIDRM;
 		if (!mls_context_isvalid(&policydb, &ctx_new))