On Wed, 6 Dec 2017, Paul Moore wrote: > From: Paul Moore <paul@xxxxxxxxxxxxxx> > > We can't do anything reasonable in security_bounded_transition() if we > don't have a policy loaded, and in fact we could run into problems > with some of the code inside expecting a policy. Fix these problems > like we do many others in security/selinux/ss/services.c by checking > to see if the policy is loaded (ss_initialized) and returning quickly > if it isn't. > > Reported-by: syzbot <syzkaller-bugs@xxxxxxxxxxxxxxxx> > Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> > Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx> Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx> -- James Morris <james.l.morris@xxxxxxxxxx>
