git.baikalelectronics.ru Git - kernel.git/commit

author	Ondrej Mosnacek <omosnace@redhat.com>
	Mon, 20 Apr 2020 13:27:31 +0000 (15:27 +0200)
committer	Paul Moore <paul@paul-moore.com>
	Wed, 22 Apr 2020 19:38:10 +0000 (15:38 -0400)
commit	0d2e44983d88c82ffb94531ee73dbb1f0fcc865a
tree	a80c11e93446cc3fb79d73b6d0ef884e402a3d0b	tree \| snapshot
parent	b8e18b6ef9dafbde8f43223b7904f388a0aac650	commit \| diff

selinux: don't produce incorrect filename_trans_count

I thought I fixed the counting in filename_trans_read_helper() to count
the compat rule count correctly in the final version, but it's still
wrong. To really count the same thing as in the compat path, we'd need
to add up the cardinalities of stype bitmaps of all datums.

Since the kernel currently doesn't implement an ebitmap_cardinality()
function (and computing the proper count would just waste CPU cycles
anyway), just document that we use the field only in case of the old
format and stop updating it in filename_trans_read_helper().

Fixes: b8e18b6ef9da ("selinux: implement new format of filename transitions")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

security/selinux/ss/policydb.c		diff \| blob \| history
security/selinux/ss/policydb.h		diff \| blob \| history