}
extern void selinux_complete_init(void);
+static int security_preserve_bools(struct policydb *p);
/**
* security_load_policy - Load a security policy configuration.
goto err;
}
+ rc = security_preserve_bools(&newpolicydb);
+ if (rc) {
+ printk(KERN_ERR "security: unable to preserve booleans\n");
+ goto err;
+ }
+
/* Clone the SID table. */
sidtab_shutdown(&sidtab);
if (sidtab_map(&sidtab, clone_sid, &newsidtab)) {
return rc;
}
+static int security_preserve_bools(struct policydb *p)
+{
+ int rc, nbools = 0, *bvalues = NULL, i;
+ char **bnames = NULL;
+ struct cond_bool_datum *booldatum;
+ struct cond_node *cur;
+
+ rc = security_get_bools(&nbools, &bnames, &bvalues);
+ if (rc)
+ goto out;
+ for (i = 0; i < nbools; i++) {
+ booldatum = hashtab_search(p->p_bools.table, bnames[i]);
+ if (booldatum)
+ booldatum->state = bvalues[i];
+ }
+ for (cur = p->cond_list; cur != NULL; cur = cur->next) {
+ rc = evaluate_cond_node(p, cur);
+ if (rc)
+ goto out;
+ }
+
+out:
+ if (bnames) {
+ for (i = 0; i < nbools; i++)
+ kfree(bnames[i]);
+ }
+ kfree(bnames);
+ kfree(bvalues);
+ return rc;
+}
+
/*
* security_sid_mls_copy() - computes a new sid based on the given
* sid and the mls portion of mls_sid.