aboutsummaryrefslogtreecommitdiff
path: root/security/selinux/ss
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/ss')
-rw-r--r--security/selinux/ss/policydb.c12
-rw-r--r--security/selinux/ss/services.c4
2 files changed, 12 insertions, 4 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 0111990ba83..f03960e697c 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -644,10 +644,18 @@ void policydb_destroy(struct policydb *p)
kfree(lra);
for (rt = p->range_tr; rt; rt = rt -> next) {
- kfree(lrt);
+ if (lrt) {
+ ebitmap_destroy(&lrt->range.level[0].cat);
+ ebitmap_destroy(&lrt->range.level[1].cat);
+ kfree(lrt);
+ }
lrt = rt;
}
- kfree(lrt);
+ if (lrt) {
+ ebitmap_destroy(&lrt->range.level[0].cat);
+ ebitmap_destroy(&lrt->range.level[1].cat);
+ kfree(lrt);
+ }
if (p->type_attr_map) {
for (i = 0; i < p->p_types.nprim; i++)
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index d2e80e62ff0..85e42988439 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -833,6 +833,8 @@ static int security_compute_sid(u32 ssid,
goto out;
}
+ context_init(&newcontext);
+
POLICY_RDLOCK;
scontext = sidtab_search(&sidtab, ssid);
@@ -850,8 +852,6 @@ static int security_compute_sid(u32 ssid,
goto out_unlock;
}
- context_init(&newcontext);
-
/* Set the user identity. */
switch (specified) {
case AVTAB_TRANSITION: