From 92941cb6417e81d847a4cddfd98f6805e92cbd49 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 29 Jun 2021 15:35:09 +0530
Subject: [PATCH] BACKPORT: FROMGIT: [PATCH] selinux: fix handling of
 uninitialized selinux state in  get_bools/classes

If security_get_bools/classes are called before the selinux state is
initialized (i.e. before first policy load), then they should just
return immediately with no booleans/classes.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Jebaitedneko <Jebaitedneko@gmail.com>
Signed-off-by: azrim <mirzaspc@gmail.com>
---
 security/selinux/ss/services.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 66c655b2078d..14ce839fce64 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -2831,6 +2831,13 @@ int security_get_bools(struct selinux_state *state,
 	struct policydb *policydb;
 	int i, rc;
 
+	if (!state->initialized) {
+		*len = 0;
+		*names = NULL;
+		*values = NULL;
+		return 0;
+	}
+
 	read_lock(&state->ss->policy_rwlock);
 
 	policydb = &state->ss->policydb;
@@ -3164,6 +3171,12 @@ int security_get_classes(struct selinux_state *state,
 	struct policydb *policydb = &state->ss->policydb;
 	int rc;
 
+	if (!state->initialized) {
+		*nclasses = 0;
+		*classes = NULL;
+		return 0;
+	}
+
 	read_lock(&state->ss->policy_rwlock);
 
 	rc = -ENOMEM;