[PATCH v1 7/9] landlock: Clean up get_ruleset_from_fd()

Mickaël Salaün mic at digikod.net
Wed Nov 11 21:34:40 UTC 2020


Rewrite get_ruleset_from_fd() to please the 0-DAY CI Kernel Test Service
that reported an uninitialized variable (false positive).  Anyway, it is
cleaner like this.

Cc: James Morris <jmorris at namei.org>
Cc: Jann Horn <jannh at google.com>
Cc: Serge E. Hallyn <serge at hallyn.com>
Link: https://lore.kernel.org/linux-security-module/202011101854.zGbWwusK-lkp@intel.com/
Reported-by: kernel test robot <lkp at intel.com>
Signed-off-by: Mickaël Salaün <mic at digikod.net>
---
 security/landlock/syscall.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/security/landlock/syscall.c b/security/landlock/syscall.c
index 486136d4f46e..543ae36cd339 100644
--- a/security/landlock/syscall.c
+++ b/security/landlock/syscall.c
@@ -196,24 +196,26 @@ static struct landlock_ruleset *get_ruleset_from_fd(const int fd,
 {
 	struct fd ruleset_f;
 	struct landlock_ruleset *ruleset;
-	int err;
 
 	ruleset_f = fdget(fd);
 	if (!ruleset_f.file)
 		return ERR_PTR(-EBADF);
 
 	/* Checks FD type and access right. */
-	err = 0;
-	if (ruleset_f.file->f_op != &ruleset_fops)
-		err = -EBADFD;
-	else if (!(ruleset_f.file->f_mode & mode))
-		err = -EPERM;
-	if (!err) {
-		ruleset = ruleset_f.file->private_data;
-		landlock_get_ruleset(ruleset);
+	if (ruleset_f.file->f_op != &ruleset_fops) {
+		ruleset = ERR_PTR(-EBADFD);
+		goto out_fdput;
 	}
+	if (!(ruleset_f.file->f_mode & mode)) {
+		ruleset = ERR_PTR(-EPERM);
+		goto out_fdput;
+	}
+	ruleset = ruleset_f.file->private_data;
+	landlock_get_ruleset(ruleset);
+
+out_fdput:
 	fdput(ruleset_f);
-	return err ? ERR_PTR(err) : ruleset;
+	return ruleset;
 }
 
 /* Path handling */
-- 
2.29.2



More information about the Linux-security-module-archive mailing list