diff options
| author | Stephen Smalley <stephen.smalley.work@gmail.com> | 2026-04-29 15:18:40 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2026-04-29 16:37:48 -0400 |
| commit | cf6a513f1937581eb012a217b29817e025a1a0ef (patch) | |
| tree | 5baa65392daaff83653ca932388d93f18c94f097 /security | |
| parent | ef5b517e7bacbaba03d706cd624366addf6ef33a (diff) | |
| download | linux-next-history-cf6a513f1937581eb012a217b29817e025a1a0ef.tar.gz | |
selinux: switch two allocations to use kzalloc_objs()
These were the only two allocations in the policy loading logic
that were not already using kzalloc_objs() for the policy
data structures. Fix these to be consistent with the rest and
to protect against ill-formed policy.
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/selinux/ss/conditional.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index 824c3f8961518..64f1bbb8caa07 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c @@ -165,7 +165,7 @@ void cond_policydb_destroy(struct policydb *p) int cond_init_bool_indexes(struct policydb *p) { kfree(p->bool_val_to_struct); - p->bool_val_to_struct = kmalloc_objs(*p->bool_val_to_struct, + p->bool_val_to_struct = kzalloc_objs(*p->bool_val_to_struct, p->p_bools.nprim); if (!p->bool_val_to_struct) return -ENOMEM; @@ -709,7 +709,7 @@ static int duplicate_policydb_bools(struct policydb *newdb, struct cond_bool_datum **cond_bool_array; int rc; - cond_bool_array = kmalloc_objs(*orig->bool_val_to_struct, + cond_bool_array = kzalloc_objs(*orig->bool_val_to_struct, orig->p_bools.nprim); if (!cond_bool_array) return -ENOMEM; |