RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-01-09 23:19:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

libselinux: initialize last_policyload in selinux_status_open()

Browse Source 
If not initialized to the current policyload count, an enforcing change
will trigger policyload-callbacks in selinux_status_updated().

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
This commit is contained in:
Christian Göttsche 2020-08-25 17:32:05 +02:00 committed by Stephen Smalley
parent ef902db9c8
commit a63f93d83b
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
libselinux/src/sestatus.c
View File

@ -278,9 +278,10 @@ static int fallback_cb_policyload(int policyload)
*/ */
int selinux_status_open(int fallback) int selinux_status_open(int fallback)
{ {
int fd; int fd;
char path[PATH_MAX]; char path[PATH_MAX];
long pagesize; long pagesize;
uint32_t seqno;
if (!selinux_mnt) { if (!selinux_mnt) {
errno = ENOENT; errno = ENOENT;
@ -304,6 +305,14 @@ int selinux_status_open(int fallback)
selinux_status_fd = fd; selinux_status_fd = fd;
last_seqno = (uint32_t)(-1); last_seqno = (uint32_t)(-1);
/* sequence must not be changed during references */
do {
seqno = read_sequence(selinux_status);
last_policyload = selinux_status->policyload;
} while (seqno != read_sequence(selinux_status));
/* No need to use avc threads if the kernel status page is available */ /* No need to use avc threads if the kernel status page is available */
avc_using_threads = 0; avc_using_threads = 0;