[PATCH] security: use default hook return value in call_int_hook()

Paul Moore paul at paul-moore.com
Tue Feb 13 23:14:44 UTC 2024


On Tue, Jan 30, 2024 at 11:47 AM Casey Schaufler <casey at schaufler-ca.com> wrote:
> On 1/30/2024 4:56 AM, Ondrej Mosnacek wrote:

...

> > @@ -2629,21 +2603,15 @@ EXPORT_SYMBOL(security_inode_copy_up);
> >   */
> >  int security_inode_copy_up_xattr(const char *name)
> >  {
> > -     struct security_hook_list *hp;
> > -     int rc;
> > -
> >       /*
> >        * The implementation can return 0 (accept the xattr), 1 (discard the
> >        * xattr), -EOPNOTSUPP if it does not know anything about the xattr or
> >        * any other error code in case of an error.
> >        */
> > -     hlist_for_each_entry(hp,
> > -                          &security_hook_heads.inode_copy_up_xattr, list) {
> > -             rc = hp->hook.inode_copy_up_xattr(name);
> > -             if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
> > -                     return rc;
> > -     }
> > +     int rc = call_int_hook(inode_copy_up_xattr, name);
>
> I think this is the only place call_int_hook() is used in a
> declaration. Maybe break it up into:
>
>         int rc;
>
>         rc = call_int_hook(inode_copy_up_xattr, name);
>
> Not a big deal, I won't fuss over it, but it might make the next mass
> overhaul a touch simpler.

I'm not sure I care too much about that, but as you say it's pretty
trivial, I can make the change during the merge if Ondrej is okay with
it.

> Even more trivial: use ret instead of rc.

If I'm going to be nitpicky I tend to prefer "rc" over "ret" these
days for return values, and using a very crude metric (below) it looks
like we have more instances of "rc" than "ret" in security.c ...

% git show-ref HEAD
7e90b5c295ec1e47c8ad865429f046970c549a66 refs/remotes/linus/HEAD
% grep "int rc" security/security.c | wc -l
28
% grep "int ret" security/security.c | wc -l
16

-- 
paul-moore.com



More information about the Linux-security-module-archive mailing list