diff options
Diffstat (limited to 'security/selinux/netif.c')
| -rw-r--r-- | security/selinux/netif.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/security/selinux/netif.c b/security/selinux/netif.c index ee49a7382875..013d3117a86b 100644 --- a/security/selinux/netif.c +++ b/security/selinux/netif.c | |||
| @@ -157,8 +157,12 @@ static int sel_netif_sid_slow(int ifindex, u32 *sid) | |||
| 157 | * currently support containers */ | 157 | * currently support containers */ |
| 158 | 158 | ||
| 159 | dev = dev_get_by_index(&init_net, ifindex); | 159 | dev = dev_get_by_index(&init_net, ifindex); |
| 160 | if (dev == NULL) | 160 | if (unlikely(dev == NULL)) { |
| 161 | printk(KERN_WARNING | ||
| 162 | "SELinux: failure in sel_netif_sid_slow()," | ||
| 163 | " invalid network interface (%d)\n", ifindex); | ||
| 161 | return -ENOENT; | 164 | return -ENOENT; |
| 165 | } | ||
| 162 | 166 | ||
| 163 | spin_lock_bh(&sel_netif_lock); | 167 | spin_lock_bh(&sel_netif_lock); |
| 164 | netif = sel_netif_find(ifindex); | 168 | netif = sel_netif_find(ifindex); |
| @@ -184,8 +188,13 @@ static int sel_netif_sid_slow(int ifindex, u32 *sid) | |||
| 184 | out: | 188 | out: |
| 185 | spin_unlock_bh(&sel_netif_lock); | 189 | spin_unlock_bh(&sel_netif_lock); |
| 186 | dev_put(dev); | 190 | dev_put(dev); |
| 187 | if (ret != 0) | 191 | if (unlikely(ret)) { |
| 192 | printk(KERN_WARNING | ||
| 193 | "SELinux: failure in sel_netif_sid_slow()," | ||
| 194 | " unable to determine network interface label (%d)\n", | ||
| 195 | ifindex); | ||
| 188 | kfree(new); | 196 | kfree(new); |
| 197 | } | ||
| 189 | return ret; | 198 | return ret; |
| 190 | } | 199 | } |
| 191 | 200 | ||