[PATCH V35 23/29] bpf: Restrict bpf when kernel lockdown is in confidentiality mode

[Matthew Garrett]

On Mon, Jul 15, 2019 at 3:54 PM Daniel Borkmann <daniel at iogearbox.net> wrote:
> Hmm, does security_locked_down() ever return a code > 0 or why do you
> have the double check on return code? If not, then for clarity the
> ret code from security_locked_down() should be checked as 'ret < 0'
> as well and out label should be at the memset directly instead.

It doesn't, so I'll update. Thanks!