[PATCH] security: use default hook return value in call_int_hook()
Casey Schaufler
casey at schaufler-ca.com
Wed Feb 14 01:40:57 UTC 2024
On 2/13/2024 3:14 PM, Paul Moore wrote:
> On Tue, Jan 30, 2024 at 11:47 AM Casey Schaufler <casey at schaufler-ca.com> wrote:
>> On 1/30/2024 4:56 AM, Ondrej Mosnacek wrote:
> ..
>
>>> @@ -2629,21 +2603,15 @@ EXPORT_SYMBOL(security_inode_copy_up);
>>> */
>>> int security_inode_copy_up_xattr(const char *name)
>>> {
>>> - struct security_hook_list *hp;
>>> - int rc;
>>> -
>>> /*
>>> * The implementation can return 0 (accept the xattr), 1 (discard the
>>> * xattr), -EOPNOTSUPP if it does not know anything about the xattr or
>>> * any other error code in case of an error.
>>> */
>>> - hlist_for_each_entry(hp,
>>> - &security_hook_heads.inode_copy_up_xattr, list) {
>>> - rc = hp->hook.inode_copy_up_xattr(name);
>>> - if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
>>> - return rc;
>>> - }
>>> + int rc = call_int_hook(inode_copy_up_xattr, name);
>> I think this is the only place call_int_hook() is used in a
>> declaration. Maybe break it up into:
>>
>> int rc;
>>
>> rc = call_int_hook(inode_copy_up_xattr, name);
>>
>> Not a big deal, I won't fuss over it, but it might make the next mass
>> overhaul a touch simpler.
> I'm not sure I care too much about that, but as you say it's pretty
> trivial, I can make the change during the merge if Ondrej is okay with
> it.
>
>> Even more trivial: use ret instead of rc.
> If I'm going to be nitpicky I tend to prefer "rc" over "ret" these
> days for return values, and using a very crude metric (below) it looks
> like we have more instances of "rc" than "ret" in security.c ...
>
> % git show-ref HEAD
> 7e90b5c295ec1e47c8ad865429f046970c549a66 refs/remotes/linus/HEAD
> % grep "int rc" security/security.c | wc -l
> 28
> % grep "int ret" security/security.c | wc -l
> 16
I also generally prefer rc over ret. I only suggested using ret
because hooks that have the form of this one usually use ret, and
it seemed we might keep some hobgoblin at bay. I withdraw the suggestion.
More information about the Linux-security-module-archive
mailing list