SELinux: skip file_name_trans_write() when policy downgraded.

When policy version is less than POLICYDB_VERSION_FILENAME_TRANS,
skip file_name_trans_write().

Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 102e9ec1b77a327477592b05a8e60933d348d7c1..d246aca3f4fbd43563bf01d20d78e28feb826ad8 100644 (file)
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -3222,6 +3222,9 @@ static int filename_trans_write(struct policydb *p, void *fp)
        __le32 buf[1];
        int rc;
 
+       if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
+               return 0;
+
        nel = 0;
        rc = hashtab_map(p->filename_trans, hashtab_cnt, &nel);
        if (rc)