GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-07-07 06:52:07 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

selinux: remove the BUG_ON() from selinux_skb_xfrm_sid()

Browse source 
Remove the BUG_ON() from selinux_skb_xfrm_sid() and propogate the
error code up to the caller.  Also check the return values in the
only caller function, selinux_skb_peerlbl_sid().

Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
Paul Moore 2013-07-23 17:38:40 -04:00 committed by Eric Paris
parent d1b17b09f3
commit bed4d7efb3
2 changed files with 8 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

8
security/selinux/hooks.c
View file

@ -3722,8 +3722,12 @@ static int selinux_skb_peerlbl_sid(struct sk_buff *skb, u16 family, u32 *sid)
u32 nlbl_sid; u32 nlbl_sid;
u32 nlbl_type; u32 nlbl_type;
selinux_skb_xfrm_sid(skb, &xfrm_sid); err = selinux_skb_xfrm_sid(skb, &xfrm_sid);
selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid); if (unlikely(err))
return -EACCES;
err = selinux_netlbl_skbuff_getsid(skb, family, &nlbl_type, &nlbl_sid);
if (unlikely(err))
return -EACCES;
err = security_net_peersid_resolve(nlbl_sid, nlbl_type, xfrm_sid, sid); err = security_net_peersid_resolve(nlbl_sid, nlbl_type, xfrm_sid, sid);
if (unlikely(err)) { if (unlikely(err)) {

5
security/selinux/include/xfrm.h
View file

@ -76,10 +76,9 @@ static inline void selinux_xfrm_notify_policyload(void)
} }
#endif #endif
static inline void selinux_skb_xfrm_sid(struct sk_buff *skb, u32 *sid) static inline int selinux_skb_xfrm_sid(struct sk_buff *skb, u32 *sid)
{ {
int err = selinux_xfrm_decode_session(skb, sid, 0); return selinux_xfrm_decode_session(skb, sid, 0);
BUG_ON(err);
} }
#endif /* _SELINUX_XFRM_H_ */ #endif /* _SELINUX_XFRM_H_ */