On Wed, Jul 13, 2016 at 4:54 AM, Robert Watson <rwat...@freebsd.org> wrote:
> On Mon, 11 Jul 2016, Garrett Cooper wrote:
>
>> Add missing default case to capable(..) function definition
>>
>> By definition (enum __drm_capabilities), cases other than CAP_SYS_ADMIN
>> aren't possible. Add in a KASSERT safety belt and return false in
>> !INVARIANTS case if an invalid value is passed in, as it would be a
>> programmer error.
>>
>> This fixes a -Wreturn-type error with gcc 5.3.0.
>>
>> Differential Revision: https://reviews.freebsd.org/D7188
>> MFC after: 1 week
>> Reported by: devel/amd64-gcc (5.3.0)
>> Reviewed by: dumbbell
>> Sponsored by: EMC / Isilon Storage Division
>
> Per my comment in the review, I think a panic() here would be preferable to
> a KASSERT(), as it would come without perceptible runtime cost, and failstop
> the system if we were violating a design-time security invariant.

Good point. I'll commit the change tonight.

Thanks!
-Ngie
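
The difference between the two default-case choices discussed in this thread, as an added userspace example that is not code from the commit or from FreeBSD. Every `model_*` name, `MODEL_KASSERT`, `outcome()` and the out-of-range value 42 are assumptions made for illustration; the kernel's `panic()` does not return, so it is modelled here with `longjmp`.

```c
#include <setjmp.h>
#include <stdbool.h>
#include <stdio.h>

/* Userspace model; every model_* name is a stand-in, not a kernel symbol. */
enum __drm_capabilities { CAP_SYS_ADMIN };
static jmp_buf stopped;          /* where the modelled "system stop" lands */
static int invariants_enabled;   /* 1 models a kernel built with INVARIANTS */

/* The kernel's panic() never returns; here it unwinds so the demo can report it. */
static void model_panic(const char *msg) {
    fprintf(stderr, "panic: %s\n", msg);
    longjmp(stopped, 1);
}

/* KASSERT() only checks when INVARIANTS is compiled in; otherwise it is a no-op. */
#define MODEL_KASSERT(cond, msg) do { if (invariants_enabled && !(cond)) model_panic(msg); } while (0)
static bool model_is_privileged(void) { return true; } /* constructed: caller has privilege */

/* Variant described in the commit message: assert, then fall back to false. */
static bool capable_kassert(enum __drm_capabilities cap) {
    switch (cap) {
    case CAP_SYS_ADMIN: return model_is_privileged();
    default:
        MODEL_KASSERT(false, "capable: invalid capability");
        return false;
    }
}

/* Variant proposed in the reply: stop unconditionally. */
static bool capable_panic(enum __drm_capabilities cap) {
    switch (cap) {
    case CAP_SYS_ADMIN: return model_is_privileged();
    default:
        model_panic("capable: invalid capability");
        return false; /* not reached */
    }
}

/* Returns 1 = granted, 0 = denied and execution continues, -1 = system stopped. */
static int outcome(bool (*fn)(enum __drm_capabilities), int cap, int invariants) {
    invariants_enabled = invariants;
    if (setjmp(stopped)) return -1;
    return fn((enum __drm_capabilities)cap) ? 1 : 0;
}

int main(void) {
    printf("KASSERT, no INVARIANTS: %d\n", outcome(capable_kassert, 42, 0));
    printf("panic,   no INVARIANTS: %d\n", outcome(capable_panic, 42, 0));
}
```

In the model, only the KASSERT variant without INVARIANTS keeps running after an invalid capability value reaches the check.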