From c7dfa88be1bdf699aafdb5a2f8b597fba56810f0 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Mon, 19 Oct 2009 10:08:50 -0400
Subject: [PATCH] --- yaml --- r: 169156 b: refs/heads/master c:
 b7f3008ad1d795935551e4dd810b0255a7bfa3c9 h: refs/heads/master v: v3

---
 [refs]                               |  2 +-
 trunk/security/selinux/ss/services.c | 10 +++++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/[refs] b/[refs]
index 10c4a76f195b..e97f885fe076 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 825332e4ff1373c55d931b49408df7ec2298f71e
+refs/heads/master: b7f3008ad1d795935551e4dd810b0255a7bfa3c9
diff --git a/trunk/security/selinux/ss/services.c b/trunk/security/selinux/ss/services.c
index f270e378c0e4..77f6e54bb43f 100644
--- a/trunk/security/selinux/ss/services.c
+++ b/trunk/security/selinux/ss/services.c
@@ -935,19 +935,22 @@ int security_compute_av(u32 ssid,
 	u32 requested;
 	int rc;
 
+	read_lock(&policy_rwlock);
+
 	if (!ss_initialized)
 		goto allow;
 
-	read_lock(&policy_rwlock);
 	requested = unmap_perm(orig_tclass, orig_requested);
 	tclass = unmap_class(orig_tclass);
 	if (unlikely(orig_tclass && !tclass)) {
 		if (policydb.allow_unknown)
 			goto allow;
-		return -EINVAL;
+		rc = -EINVAL;
+		goto out;
 	}
 	rc = security_compute_av_core(ssid, tsid, tclass, requested, avd);
 	map_decision(orig_tclass, avd, policydb.allow_unknown);
+out:
 	read_unlock(&policy_rwlock);
 	return rc;
 allow:
@@ -956,7 +959,8 @@ int security_compute_av(u32 ssid,
 	avd->auditdeny = 0xffffffff;
 	avd->seqno = latest_granting;
 	avd->flags = 0;
-	return 0;
+	rc = 0;
+	goto out;
 }
 
 int security_compute_av_user(u32 ssid,