selinux: call WARN_ONCE() instead of calling audit_log_start() (9ad42a79) · Commits · e / devices / android_kernel_fairphone_FP5

security/selinux/ss/services.c

+4 −8

Original line number	Original line	Diff line number	Diff line
	@@ -2938,25 +2938,21 @@ int selinux_audit_rule_match(u32 sid, u32 field, u32 op, void *vrule,
	struct selinux_audit_rule *rule = vrule;		struct selinux_audit_rule *rule = vrule;
	int match = 0;		int match = 0;

	if (!rule) {		if (unlikely(!rule)) {
	audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,		WARN_ONCE(1, "selinux_audit_rule_match: missing rule\n");
	"selinux_audit_rule_match: missing rule\n");
	return -ENOENT;		return -ENOENT;
	}		}

	read_lock(&policy_rwlock);		read_lock(&policy_rwlock);

	if (rule->au_seqno < latest_granting) {		if (rule->au_seqno < latest_granting) {
	audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,
	"selinux_audit_rule_match: stale rule\n");
	match = -ESTALE;		match = -ESTALE;
	goto out;		goto out;
	}		}

	ctxt = sidtab_search(&sidtab, sid);		ctxt = sidtab_search(&sidtab, sid);
	if (!ctxt) {		if (unlikely(!ctxt)) {
	audit_log(actx, GFP_ATOMIC, AUDIT_SELINUX_ERR,		WARN_ONCE(1, "selinux_audit_rule_match: unrecognized SID %d\n",
	"selinux_audit_rule_match: unrecognized SID %d\n",
	sid);		sid);
	match = -ENOENT;		match = -ENOENT;
	goto out;		goto out;