selinux: simply inode label states to INVALID and INITIALIZED

There really is no need for LABEL_MISSING as we really only care if
the inode's label is INVALID or INITIALIZED.  Also adjust the
revalidate code to reload the label whenever the label is not
INITIALIZED so we are less sensitive to label state in the future.

Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 65642be91644d3cda1d5ec8312cb4bff56162de3..dd1fbea37b7841a2647f55e795dc6a9ef27e2a3e 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -259,7 +259,7 @@ static int __inode_security_revalidate(struct inode *inode,
 
        might_sleep_if(may_sleep);
 
-       if (isec->initialized == LABEL_INVALID) {
+       if (isec->initialized != LABEL_INITIALIZED) {
                if (!may_sleep)
                        return -ECHILD;
 

diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h
index a2ae05414ba1919041ec582b251cbb2c39f5a651..c21e135460a5e9e42ae405e9339e5478bcbe4426 100644 (file)
--- a/security/selinux/include/objsec.h
+++ b/security/selinux/include/objsec.h
@@ -38,9 +38,8 @@ struct task_security_struct {
 };
 
 enum label_initialized {
-       LABEL_MISSING,          /* not initialized */
-       LABEL_INITIALIZED,      /* inizialized */
-       LABEL_INVALID           /* invalid */
+       LABEL_INVALID,          /* invalid or not initialized */
+       LABEL_INITIALIZED       /* initialized */
 };
 
 struct inode_security_struct {