selinux: replace BUG_ONs with WARN_ONs in avc.c

These checks are only guarding against programming errors that could silently grant too many permissions. These cases are better handled with WARN_ON(), since it doesn't really help much to crash the machine in this case. Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: Ondrej Mosnacek <omosnace@redhat.com> 2019-01-28 16:43:33 +0100
committer: Paul Moore <paul@paul-moore.com> 2019-01-28 18:10:28 -0500
commit: e6f2f381e4015386a656a369835f949c26000e6b (patch)
tree: dc68f80a85a1763ddb8fbe6cf03d569accffcbef /security/selinux
parent: selinux: log invalid contexts in AVCs (diff)
download: linux-dev-e6f2f381e4015386a656a369835f949c26000e6b.tar.xz
linux-dev-e6f2f381e4015386a656a369835f949c26000e6b.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 3a27418b20d7..33863298a9b5 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -1059,7 +1059,8 @@ int avc_has_extended_perms(struct selinux_state *state,
 	int rc = 0, rc2;
 
 	xp_node = &local_xp_node;
-	BUG_ON(!requested);
+	if (WARN_ON(!requested))
+		return -EACCES;
 
 	rcu_read_lock();
 
@@ -1149,7 +1150,8 @@ inline int avc_has_perm_noaudit(struct selinux_state *state,
 	int rc = 0;
 	u32 denied;
 
-	BUG_ON(!requested);
+	if (WARN_ON(!requested))
+		return -EACCES;
 
 	rcu_read_lock();
author	Ondrej Mosnacek <omosnace@redhat.com>	2019-01-28 16:43:33 +0100
committer	Paul Moore <paul@paul-moore.com>	2019-01-28 18:10:28 -0500
commit	e6f2f381e4015386a656a369835f949c26000e6b (patch)
tree	dc68f80a85a1763ddb8fbe6cf03d569accffcbef /security/selinux
parent	selinux: log invalid contexts in AVCs (diff)
download	linux-dev-e6f2f381e4015386a656a369835f949c26000e6b.tar.xz linux-dev-e6f2f381e4015386a656a369835f949c26000e6b.zip