Merge tag 'for-4.2' of git://git.sourceforge.jp/gitroot/uclinux-h8/linux

[firefly-linux-kernel-4.4.55.git] / security / selinux / avc.c

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index afcc0aed9393a6d1917b6167bf68403729dccea8..0b122b1421a9dcc7dfd26ac6f80d00d1c6a0d55e 100644 (file)
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -724,12 +724,10 @@ inline int avc_has_perm_noaudit(u32 ssid, u32 tsid,
        rcu_read_lock();
 
        node = avc_lookup(ssid, tsid, tclass);
-       if (unlikely(!node)) {
+       if (unlikely(!node))
                node = avc_compute_av(ssid, tsid, tclass, avd);
-       } else {
+       else
                memcpy(avd, &node->ae.avd, sizeof(*avd));
-               avd = &node->ae.avd;
-       }
 
        denied = requested & ~(avd->allowed);
        if (unlikely(denied))
@@ -763,7 +761,23 @@ int avc_has_perm(u32 ssid, u32 tsid, u16 tclass,
 
        rc = avc_has_perm_noaudit(ssid, tsid, tclass, requested, 0, &avd);
 
-       rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata);
+       rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata, 0);
+       if (rc2)
+               return rc2;
+       return rc;
+}
+
+int avc_has_perm_flags(u32 ssid, u32 tsid, u16 tclass,
+                      u32 requested, struct common_audit_data *auditdata,
+                      int flags)
+{
+       struct av_decision avd;
+       int rc, rc2;
+
+       rc = avc_has_perm_noaudit(ssid, tsid, tclass, requested, 0, &avd);
+
+       rc2 = avc_audit(ssid, tsid, tclass, requested, &avd, rc,
+                       auditdata, flags);
        if (rc2)
                return rc2;
        return rc;