summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorPaul Moore <paul@paul-moore.com>2019-12-23 16:38:36 -0500
committerPaul Moore <paul@paul-moore.com>2019-12-23 16:38:36 -0500
commit15b590a81fcdd44ddcb4810f2a6334df8b6ca512 (patch)
tree02a5e1441d741d2629d391a63ec0c54d4c6a6ce7 /security
parent030b995ad9ece9fa2d218af4429c1c78c2342096 (diff)
selinux: ensure the policy has been loaded before reading the sidtab stats
Check to make sure we have loaded a policy before we query the sidtab's hash stats. Failure to do so could result in a kernel panic/oops due to a dereferenced NULL pointer. Fixes: 66f8e2f03c02 ("selinux: sidtab reverse lookup hash table") Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/ss/services.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 743b85ede4ef..c9e38f1ede02 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1286,6 +1286,12 @@ int security_sidtab_hash_stats(struct selinux_state *state, char *page)
{
int rc;
+ if (!state->initialized) {
+ pr_err("SELinux: %s: called before initial load_policy\n",
+ __func__);
+ return -EINVAL;
+ }
+
read_lock(&state->ss->policy_rwlock);
rc = sidtab_hash_stats(state->ss->sidtab, page);
read_unlock(&state->ss->policy_rwlock);