selinux: fix error codes in cond_policydb_init()

It's better to propagate the error code from avtab_init() instead of
returning -1 (-EPERM).  It turns out that avtab_init() never fails so
this patch doesn't change how the code runs but it's still a clean up.

Signed-off-by: Dan Carpenter <error27@gmail.com>
Acked-by:  Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index a2b3b298e604ae4eb2174a731a592c39d6d5fff5..0389263b99ce2b3a45b43328b851cbcbe20ef7ac 100644 (file)
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -117,10 +117,14 @@ int evaluate_cond_node(struct policydb *p, struct cond_node *node)
 
 int cond_policydb_init(struct policydb *p)
 {
+       int rc;
+
        p->bool_val_to_struct = NULL;
        p->cond_list = NULL;
-       if (avtab_init(&p->te_cond_avtab))
-               return -1;
+
+       rc = avtab_init(&p->te_cond_avtab);
+       if (rc)
+               return rc;
 
        return 0;
 }