RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2024-12-19 20:50:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

libsepol: Return an error if check_assertion() returns an error.

Browse Source 
Instead of calling report_assertion_failures() and treating an
error like it was a neverallow violation, just return an error.

Signed-off-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
James Carter 2022-01-11 12:38:59 -05:00
parent 4be0e2e19c
commit 521e6ad713
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libsepol/src/assertion.c
View File

@ -538,6 +538,10 @@ int check_assertions(sepol_handle_t * handle, policydb_t * p,
if (!(a->specified & (AVRULE_NEVERALLOW | AVRULE_XPERMS_NEVERALLOW)))
continue;
rc = check_assertion(p, a);
if (rc < 0) {
ERR(handle, "Error occurred while checking neverallows");
return -1;
}
if (rc) {
rc = report_assertion_failures(handle, p, a);
if (rc < 0) {