From: Wei Yongjun <weiyongjun1@huawei.com>
Date: Sat, 10 Sep 2016 07:43:48 +0000 (+0000)
Subject: selinux: fix error return code in policydb_read()
X-Git-Tag: v4.9-rc1~130^2~2^2
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=9b6a9ecc2d88ccdc57efc22d69436b9dd7e2eceb;p=linux.git

selinux: fix error return code in policydb_read()

Fix to return error code -EINVAL from the error handling case instead
of 0 (rc is overwrite to 0 when policyvers >=
POLICYDB_VERSION_ROLETRANS), as done elsewhere in this function.

Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com>
[PM: normalize "selinux" in patch subject, description line wrap]
Signed-off-by: Paul Moore <paul@paul-moore.com>
---

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 8c661f0451ec..ace683838d80 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -2417,6 +2417,7 @@ int policydb_read(struct policydb *p, void *fp)
 		} else
 			tr->tclass = p->process_class;
 
+		rc = -EINVAL;
 		if (!policydb_role_isvalid(p, tr->role) ||
 		    !policydb_type_isvalid(p, tr->type) ||
 		    !policydb_class_isvalid(p, tr->tclass) ||