selinux: ignore unknown extended permissions

When evaluating extended permissions, ignore unknown permissions instead
of calling BUG(). This commit ensures that future permissions can be
added without interfering with older kernels.

Cc: stable@vger.kernel.org
Fixes: fa1aa143ac4a ("selinux: extended permissions for ioctls")
Signed-off-by: Thiébaud Weksteen <tweek@google.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 971c45d576ba1fdd570f77015e0944954a5803a1..3d5c563cfc4c86a4ca38ace8008a500595767ce3 100644 (file)
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -979,7 +979,10 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd,
                        return;
                break;
        default:
-               BUG();
+               pr_warn_once(
+                       "SELinux: unknown extended permission (%u) will be ignored\n",
+                       node->datum.u.xperms->specified);
+               return;
        }
 
        if (node->key.specified == AVTAB_XPERMS_ALLOWED) {
@@ -998,7 +1001,8 @@ void services_compute_xperms_decision(struct extended_perms_decision *xpermd,
                                            &node->datum.u.xperms->perms,
                                            xpermd->dontaudit);
        } else {
-               BUG();
+               pr_warn_once("SELinux: unknown specified key (%u)\n",
+                            node->key.specified);
        }
 }