diff options
author | Harry Ciao <qingtao.cao@windriver.com> | 2011-04-07 14:12:57 +0800 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2011-04-07 12:00:26 -0400 |
commit | 1214eac73f798bccabc6adb55e7b2d787527c13c (patch) | |
tree | 4b379622da0d56be88d7ea87af558ef719317c7d | |
parent | eba71de2cb7c02c5ae4f2ad3656343da71bc4661 (diff) |
Initialize policydb.process_class eariler.
Initialize policydb.process_class once all symtabs read from policy image,
so that it could be used to setup the role_trans.tclass field when a lower
version policy.X is loaded.
Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
-rw-r--r-- | security/selinux/ss/policydb.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index a493eae24e0..82373eb2dc9 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2275,6 +2275,11 @@ int policydb_read(struct policydb *p, void *fp) p->symtab[i].nprim = nprim; } + rc = -EINVAL; + p->process_class = string_to_security_class(p, "process"); + if (!p->process_class) + goto bad; + rc = avtab_read(&p->te_avtab, fp, p); if (rc) goto bad; @@ -2359,11 +2364,6 @@ int policydb_read(struct policydb *p, void *fp) goto bad; rc = -EINVAL; - p->process_class = string_to_security_class(p, "process"); - if (!p->process_class) - goto bad; - - rc = -EINVAL; p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition"); p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition"); if (!p->process_trans_perms) |