hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

selinux: replace BUG_ONs with WARN_ONs in avc.c 

These checks are only guarding against programming errors that could
silently grant too many permissions. These cases are better handled with
WARN_ON(), since it doesn't really help much to crash the machine in
this case.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Ondrej Mosnacek 2019-01-28 16:43:33 +01:00 committed by Paul Moore
parent fede148324
commit e6f2f381e4
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
security/selinux/avc.c
View File

@ -1059,7 +1059,8 @@ int avc_has_extended_perms(struct selinux_state *state,
int rc = 0, rc2;
xp_node = &local_xp_node;
BUG_ON(!requested);
if (WARN_ON(!requested))
return -EACCES;
rcu_read_lock();
@ -1149,7 +1150,8 @@ inline int avc_has_perm_noaudit(struct selinux_state *state,
int rc = 0;
u32 denied;
BUG_ON(!requested);
if (WARN_ON(!requested))
return -EACCES;
rcu_read_lock();