selinux: fix potential counting error in avc_add_xperms_decision()
authorZhen Lei <thunder.leizhen@huawei.com>
Tue, 6 Aug 2024 06:51:13 +0000 (14:51 +0800)
committerPaul Moore <paul@paul-moore.com>
Tue, 6 Aug 2024 21:52:27 +0000 (17:52 -0400)
The count should be incremented only after a node has been
successfully added to the linked list.

Cc: stable@vger.kernel.org
Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls")
Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/avc.c

index 32eb67fb3e42c0f0e88b70ee37bf9a3afcd8e7d4..7087cd2b802d8d86599cbec57f0bbc9ce846ec89 100644 (file)
@@ -330,12 +330,12 @@ static int avc_add_xperms_decision(struct avc_node *node,
 {
        struct avc_xperms_decision_node *dest_xpd;
 
-       node->ae.xp_node->xp.len++;
        dest_xpd = avc_xperms_decision_alloc(src->used);
        if (!dest_xpd)
                return -ENOMEM;
        avc_copy_xperms_decision(&dest_xpd->xpd, src);
        list_add(&dest_xpd->xpd_list, &node->ae.xp_node->xpd_head);
+       node->ae.xp_node->xp.len++;
        return 0;
 }
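Review bot: The invariant this fix restores is not written down in the code: per the commit message, `xp.len` is meant to track the number of entries on `xpd_head`, and the relocated increment after `list_add()` is correct only because nothing between the two can fail. A short comment above the increment, e.g. `/* xp.len counts entries on xpd_head; bump only once the node is linked */`, would keep a later edit from moving it back ahead of the `-ENOMEM` return. The readers of `xp.len` are outside this hunk, so how a stale count would affect extended-permission decisions cannot be confirmed from here; it is presumably why the fix is tagged for stable. The signature of `avc_add_xperms_decision()` continues outside the hunk.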