selinux: replace BUG_ONs with WARN_ONs in avc.c

These checks are only guarding against programming errors that could
silently grant too many permissions. These cases are better handled with
WARN_ON(), since it doesn't really help much to crash the machine in
this case.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 3a27418..3386329 100644 (file)
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -1059,7 +1059,8 @@ int avc_has_extended_perms(struct selinux_state *state,
        int rc = 0, rc2;
 
        xp_node = &local_xp_node;
-       BUG_ON(!requested);
+       if (WARN_ON(!requested))
+               return -EACCES;
 
        rcu_read_lock();
 
@@ -1149,7 +1150,8 @@ inline int avc_has_perm_noaudit(struct selinux_state *state,
        int rc = 0;
        u32 denied;
 
-       BUG_ON(!requested);
+       if (WARN_ON(!requested))
+               return -EACCES;
 
        rcu_read_lock();