[PATCH v7 05/16] LSM: Multiple modules using security_ismaclabel

[Casey Schaufler]

Correct the infrastructure logic calling ismaclabel hooks
to reflect the yes/no result of the call. Instead of the
usual "any failure is an error" this hook uses "any success
is success".

Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>
---
 security/security.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/security/security.c b/security/security.c
index 87cb3562646b..13102d16bf2c 100644
--- a/security/security.c
+++ b/security/security.c
@@ -2212,7 +2212,12 @@ int security_netlink_send(struct sock *sk, struct sk_buff *skb)
 
 int security_ismaclabel(const char *name)
 {
-	return call_int_hook(ismaclabel, 0, name);
+	struct security_hook_list *hp;
+
+	hlist_for_each_entry(hp, &security_hook_heads.ismaclabel, list)
+		if (hp->hook.ismaclabel(name) != 0)
+			return 1;
+	return 0;
 }
 EXPORT_SYMBOL(security_ismaclabel);
 
-- 
2.20.1