summaryrefslogtreecommitdiff
path: root/security/selinux
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2016-04-18 23:41:38 +0300
committerPaul Moore <paul@paul-moore.com>2016-04-19 23:37:27 +0300
commit1ac42476263eec99fb2d3c31ee946cb44e80ddd5 (patch)
treed69cdac4dc64a6333de68d51b9697f273fb8c45c /security/selinux
parent20cdef8d57591ec8674f65ccfe555aca5fd10b64 (diff)
downloadlinux-1ac42476263eec99fb2d3c31ee946cb44e80ddd5.tar.xz
selinux: check ss_initialized before revalidating an inode label
There is no point in trying to revalidate an inode's security label if the security server is not yet initialized. Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/hooks.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b09aad7ad423..474011c46bbd 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -259,7 +259,7 @@ static int __inode_security_revalidate(struct inode *inode,
might_sleep_if(may_sleep);
- if (isec->initialized != LABEL_INITIALIZED) {
+ if (ss_initialized && isec->initialized != LABEL_INITIALIZED) {
if (!may_sleep)
return -ECHILD;