+ rc = security_sid_to_context(isec->sid, &context, &len);
+ if (rc)
+ goto out;
+
+ /* Probe for required buffer size */
+ if (!buffer || !size) {
+ rc = len;
+ goto out_free;
+ }
+
+ if (size < len) {
+ rc = -ERANGE;
+ goto out_free;
+ }
+
+ if (err > 0) {
+ if ((len == err) && !(memcmp(context, buffer, len))) {
+ /* Don't need to canonicalize value */
+ rc = err;
+ goto out_free;
+ }
+ memset(buffer, 0, size);
+ }
+ memcpy(buffer, context, len);
+ rc = len;
+out_free:
+ kfree(context);
+out:
+ return rc;