On Tue, 10 Feb 2009, Eric Paris wrote:
> > > +++ b/security/selinux/ss/services.c
> > > @@ -120,16 +120,25 @@ static int constraint_expr_eval(struct context *scontext,
> > > for (e = cexpr; e; e = e->next) {
> > > switch (e->expr_type) {
> > > case CEXPR_NOT:
> > > - BUG_ON(sp < 0);
> > > + if (unlikely(sp < 0)) {
> > > + BUG();
> > > + return 0;
> > > + }
> >
> > General question: Should we in fact be panic'ing in these cases where
> > we cannot return a value that will in fact abort the computation and
> > guarantee that the operation will not proceed? Same applies to the
> > ebitmap code. Just returning 0 (false) doesn't necessarily mean that we
> > won't grant a permission, as the result may get negated.
>
> James?
Perhaps panic() in enforcing mode, otherwise print a warning.
- James
--
James Morris
<jmorris@xxxxxxxxx>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
