diff options
| author | Paul Moore <paul@paul-moore.com> | 2016-03-28 15:16:53 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2016-04-05 16:10:55 -0400 |
| commit | 4b57d6bcd94034e2eb168bdec2474e3b2b848e44 (patch) | |
| tree | be44e587a3fa8aee2746367208a6faed4848a2f9 | |
| parent | 899134f2f6e27dcae1fee12593c492577cc80987 (diff) | |
| download | op-kernel-dev-4b57d6bcd94034e2eb168bdec2474e3b2b848e44.zip op-kernel-dev-4b57d6bcd94034e2eb168bdec2474e3b2b848e44.tar.gz | |
selinux: simply inode label states to INVALID and INITIALIZED
There really is no need for LABEL_MISSING as we really only care if
the inode's label is INVALID or INITIALIZED. Also adjust the
revalidate code to reload the label whenever the label is not
INITIALIZED so we are less sensitive to label state in the future.
Signed-off-by: Paul Moore <paul@paul-moore.com>
| -rw-r--r-- | security/selinux/hooks.c | 2 | ||||
| -rw-r--r-- | security/selinux/include/objsec.h | 5 |
2 files changed, 3 insertions, 4 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 65642be..dd1fbea 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -259,7 +259,7 @@ static int __inode_security_revalidate(struct inode *inode, might_sleep_if(may_sleep); - if (isec->initialized == LABEL_INVALID) { + if (isec->initialized != LABEL_INITIALIZED) { if (!may_sleep) return -ECHILD; diff --git a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h index a2ae054..c21e135 100644 --- a/security/selinux/include/objsec.h +++ b/security/selinux/include/objsec.h @@ -38,9 +38,8 @@ struct task_security_struct { }; enum label_initialized { - LABEL_MISSING, /* not initialized */ - LABEL_INITIALIZED, /* inizialized */ - LABEL_INVALID /* invalid */ + LABEL_INVALID, /* invalid or not initialized */ + LABEL_INITIALIZED /* initialized */ }; struct inode_security_struct { |
