From: Jeff Vander Stoep <jeffv@google.com>
Date: Tue, 21 Apr 2015 00:45:42 +0000 (-0700)
Subject: SELinux: use deletion-safe iterator to free list
X-Git-Tag: firefly_0821_release~4090^2~18
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=98a4d82a78914c2496989d669ecae04dedcf361f;p=firefly-linux-kernel-4.4.55.git

SELinux: use deletion-safe iterator to free list

This code is not exercised by policy version 26, but will be upon
upgrade to policy version 30.

Bug: 18087110
Change-Id: I07c6f34607713294a6a12c43a64d9936f0602200
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
---

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 5c8e7cfa9de3..f3dbbc0f15dd 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -298,13 +298,15 @@ static void avc_operation_decision_free(
 
 static void avc_operation_free(struct avc_operation_node *ops_node)
 {
-	struct avc_operation_decision_node *od_node;
+	struct avc_operation_decision_node *od_node, *tmp;
 
 	if (!ops_node)
 		return;
 
-	list_for_each_entry(od_node, &ops_node->od_head, od_list)
+	list_for_each_entry_safe(od_node, tmp, &ops_node->od_head, od_list) {
+		list_del(&od_node->od_list);
 		avc_operation_decision_free(od_node);
+	}
 	kmem_cache_free(avc_operation_node_cachep, ops_node);
 }