SELinux: Make selinux_kernel_create_files_as() shouldn't just always return 0
authorDavid Howells <dhowells@redhat.com>
Fri, 26 Feb 2010 01:56:16 +0000 (01:56 +0000)
committerJames Morris <jmorris@namei.org>
Fri, 26 Feb 2010 03:54:23 +0000 (14:54 +1100)
Make selinux_kernel_create_files_as() return an error when it gets one, rather
than unconditionally returning 0.

Without this, cachefiles doesn't return an error if the SELinux policy doesn't
let it create files with the label of the directory at the base of the cache.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/hooks.c

index dc7660074b992190dad09e63b0a456ebd86cef7d..5feecb41009d58420d5c702cbde9455d64b112fb 100644 (file)
@@ -3329,7 +3329,7 @@ static int selinux_kernel_create_files_as(struct cred *new, struct inode *inode)
 
        if (ret == 0)
                tsec->create_sid = isec->sid;
-       return 0;
+       return ret;
 }
 
 static int selinux_kernel_module_request(char *kmod_name)