diff options
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/avc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 187964e88af1..cb3f0ce0b00a 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
@@ -871,6 +871,8 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid, | |||
871 | int rc = 0; | 871 | int rc = 0; |
872 | u32 denied; | 872 | u32 denied; |
873 | 873 | ||
874 | BUG_ON(!requested); | ||
875 | |||
874 | rcu_read_lock(); | 876 | rcu_read_lock(); |
875 | 877 | ||
876 | node = avc_lookup(ssid, tsid, tclass, requested); | 878 | node = avc_lookup(ssid, tsid, tclass, requested); |
@@ -890,7 +892,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid, | |||
890 | 892 | ||
891 | denied = requested & ~(p_ae->avd.allowed); | 893 | denied = requested & ~(p_ae->avd.allowed); |
892 | 894 | ||
893 | if (!requested || denied) { | 895 | if (denied) { |
894 | if (selinux_enforcing || (flags & AVC_STRICT)) | 896 | if (selinux_enforcing || (flags & AVC_STRICT)) |
895 | rc = -EACCES; | 897 | rc = -EACCES; |
896 | else | 898 | else |