extern const struct selinux_class_perm selinux_class_perm;
static DEFINE_RWLOCK(policy_rwlock);
-
static DEFINE_MUTEX(load_mutex);
-#define LOAD_LOCK mutex_lock(&load_mutex)
-#define LOAD_UNLOCK mutex_unlock(&load_mutex)
static struct sidtab sidtab;
struct policydb policydb;
int rc = 0;
struct policy_file file = { data, len }, *fp = &file;
- LOAD_LOCK;
+ mutex_lock(&load_mutex);
if (!ss_initialized) {
avtab_cache_init();
if (policydb_read(&policydb, fp)) {
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
avtab_cache_destroy();
return -EINVAL;
}
if (policydb_load_isids(&policydb, &sidtab)) {
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
policydb_destroy(&policydb);
avtab_cache_destroy();
return -EINVAL;
if (validate_classes(&policydb)) {
printk(KERN_ERR
"SELinux: the definition of a class is incorrect\n");
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
sidtab_destroy(&sidtab);
policydb_destroy(&policydb);
avtab_cache_destroy();
policydb_loaded_version = policydb.policyvers;
ss_initialized = 1;
seqno = ++latest_granting;
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
selinux_complete_init();
avc_ss_reset(seqno);
selnl_notify_policyload(seqno);
#endif
if (policydb_read(&newpolicydb, fp)) {
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
return -EINVAL;
}
if (sidtab_init(&newsidtab)) {
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
policydb_destroy(&newpolicydb);
return -ENOMEM;
}
seqno = ++latest_granting;
policydb_loaded_version = policydb.policyvers;
write_unlock_irq(&policy_rwlock);
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
/* Free the old policydb and SID table. */
policydb_destroy(&oldpolicydb);
return 0;
err:
- LOAD_UNLOCK;
+ mutex_unlock(&load_mutex);
sidtab_destroy(&newsidtab);
policydb_destroy(&newpolicydb);
return rc;