[PATCH v1 7/9] landlock: Clean up get_ruleset_from_fd()
Mickaël Salaün
mic at digikod.net
Wed Nov 11 21:34:40 UTC 2020
Rewrite get_ruleset_from_fd() to please the 0-DAY CI Kernel Test Service
that reported an uninitialized variable (false positive). Anyway, it is
cleaner like this.
Cc: James Morris <jmorris at namei.org>
Cc: Jann Horn <jannh at google.com>
Cc: Serge E. Hallyn <serge at hallyn.com>
Link: https://lore.kernel.org/linux-security-module/202011101854.zGbWwusK-lkp@intel.com/
Reported-by: kernel test robot <lkp at intel.com>
Signed-off-by: Mickaël Salaün <mic at digikod.net>
---
security/landlock/syscall.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/security/landlock/syscall.c b/security/landlock/syscall.c
index 486136d4f46e..543ae36cd339 100644
--- a/security/landlock/syscall.c
+++ b/security/landlock/syscall.c
@@ -196,24 +196,26 @@ static struct landlock_ruleset *get_ruleset_from_fd(const int fd,
{
struct fd ruleset_f;
struct landlock_ruleset *ruleset;
- int err;
ruleset_f = fdget(fd);
if (!ruleset_f.file)
return ERR_PTR(-EBADF);
/* Checks FD type and access right. */
- err = 0;
- if (ruleset_f.file->f_op != &ruleset_fops)
- err = -EBADFD;
- else if (!(ruleset_f.file->f_mode & mode))
- err = -EPERM;
- if (!err) {
- ruleset = ruleset_f.file->private_data;
- landlock_get_ruleset(ruleset);
+ if (ruleset_f.file->f_op != &ruleset_fops) {
+ ruleset = ERR_PTR(-EBADFD);
+ goto out_fdput;
}
+ if (!(ruleset_f.file->f_mode & mode)) {
+ ruleset = ERR_PTR(-EPERM);
+ goto out_fdput;
+ }
+ ruleset = ruleset_f.file->private_data;
+ landlock_get_ruleset(ruleset);
+
+out_fdput:
fdput(ruleset_f);
- return err ? ERR_PTR(err) : ruleset;
+ return ruleset;
}
/* Path handling */
--
2.29.2
More information about the Linux-security-module-archive
mailing list