On Wed, Dec 6, 2017 at 6:51 PM, James Morris <james.l.morris@xxxxxxxxxx> wrote: > On Wed, 6 Dec 2017, Paul Moore wrote: > >> From: Paul Moore <paul@xxxxxxxxxxxxxx> >> >> We can't do anything reasonable in security_bounded_transition() if we >> don't have a policy loaded, and in fact we could run into problems >> with some of the code inside expecting a policy. Fix these problems >> like we do many others in security/selinux/ss/services.c by checking >> to see if the policy is loaded (ss_initialized) and returning quickly >> if it isn't. >> >> Reported-by: syzbot <syzkaller-bugs@xxxxxxxxxxxxxxxx> >> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx> >> Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx> > > > Reviewed-by: James Morris <james.l.morris@xxxxxxxxxx> Thanks. I just merged the patch to selinux/next. -- paul moore www.paul-moore.com
