- if (policy && !policy_check_own(policy, ucred->uid, ucred->gid, name))
- return synthetic_reply_method_errno(m, -EPERM, NULL);
+ if (sp) {
+ Policy *policy;
+ bool denied;
+
+ policy = shared_policy_acquire(sp);
+ denied = !policy_check_own(policy, ucred->uid, ucred->gid, name);
+ shared_policy_release(sp, policy);
+ if (denied)
+ return synthetic_reply_method_errno(m, -EPERM, NULL);
+ }