selinux: drop the BUG() in cred_has_capability()

With the compile time check located immediately above the cred_has_capability() function ensuring that we will notice if the capability set grows beyond 63 capabilities, we can safely remove the BUG() call from the cred_has_capability(). Signed-off-by: Paul Moore <paul@paul-moore.com>
2026-02-12 17:04:16 -05:00 · 2026-01-14 16:23:47 -05:00
parent b07b6f0c5d
commit ea64aa57d5
1 changed files with 0 additions and 1 deletions
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1659,7 +1659,6 @@ static int cred_has_capability(const struct cred *cred,
 		break;
 	default:
 		pr_err("SELinux:  out of range capability %d\n", cap);
-		BUG();
 		return -EINVAL;
 	}