Merge branch 'merge-fixes' into devel

author: Russell King <rmk@dyn-67.arm.linux.org.uk> 2008-04-19 17:17:34 +0100
committer: Russell King <rmk+kernel@arm.linux.org.uk> 2008-04-19 17:17:34 +0100
commit: cf816ecb533ab96b883dfdc0db174598b5b5c4d2 (patch)
tree: 1b7705db288ae2917105e624b01fdf81e0882bf1 /security/selinux/avc.c
parent: adf6d34e460387ee3e8f1e1875d52bff51212c7d (diff)
parent: 15f7d677ccff6f0f5de8a1ee43a792567e9f9de9 (diff)
1 files changed, 8 insertions, 5 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 187964e88af..a4fc6e6d038 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -871,6 +871,8 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 	int rc = 0;
 	u32 denied;
 
+	BUG_ON(!requested);
+
 	rcu_read_lock();
 
 	node = avc_lookup(ssid, tsid, tclass, requested);
@@ -890,13 +892,14 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 
 	denied = requested & ~(p_ae->avd.allowed);
 
-	if (!requested || denied) {
-		if (selinux_enforcing || (flags & AVC_STRICT))
+	if (denied) {
+		if (flags & AVC_STRICT)
 			rc = -EACCES;
+		else if (!selinux_enforcing || security_permissive_sid(ssid))
+			avc_update_node(AVC_CALLBACK_GRANT, requested, ssid,
+					tsid, tclass);
 		else
-			if (node)
-				avc_update_node(AVC_CALLBACK_GRANT,requested,
-						ssid,tsid,tclass);
+			rc = -EACCES;
 	}
 
 	rcu_read_unlock();
author	Russell King <rmk@dyn-67.arm.linux.org.uk>	2008-04-19 17:17:34 +0100
committer	Russell King <rmk+kernel@arm.linux.org.uk>	2008-04-19 17:17:34 +0100
commit	cf816ecb533ab96b883dfdc0db174598b5b5c4d2 (patch)
tree	1b7705db288ae2917105e624b01fdf81e0882bf1 /security/selinux/avc.c
parent	adf6d34e460387ee3e8f1e1875d52bff51212c7d (diff)
parent	15f7d677ccff6f0f5de8a1ee43a792567e9f9de9 (diff)