selinux: cleanup selinux_lsm_getattr()
A number of small changes to selinux_lsm_getattr() to improve the quality and readability of the code: * Explicitly set the `value` parameter to NULL in the case where an attribute has not been set. * Rename the `__tsec` variable to `tsec` to better fit the SELinux code. * Rename `bad` to `err_unlock` to better indicate the jump target drops the RCU lock. Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore
parent
0142c56682
commit
e6b5ebca41
@ -6348,55 +6348,55 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode)
|
||||
static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p,
|
||||
char **value)
|
||||
{
|
||||
const struct task_security_struct *__tsec;
|
||||
u32 sid;
|
||||
const struct task_security_struct *tsec;
|
||||
int error;
|
||||
unsigned len;
|
||||
u32 sid;
|
||||
u32 len;
|
||||
|
||||
rcu_read_lock();
|
||||
__tsec = selinux_cred(__task_cred(p));
|
||||
|
||||
if (current != p) {
|
||||
error = avc_has_perm(current_sid(), __tsec->sid,
|
||||
tsec = selinux_cred(__task_cred(p));
|
||||
if (p != current) {
|
||||
error = avc_has_perm(current_sid(), tsec->sid,
|
||||
SECCLASS_PROCESS, PROCESS__GETATTR, NULL);
|
||||
if (error)
|
||||
goto bad;
|
||||
goto err_unlock;
|
||||
}
|
||||
|
||||
switch (attr) {
|
||||
case LSM_ATTR_CURRENT:
|
||||
sid = __tsec->sid;
|
||||
sid = tsec->sid;
|
||||
break;
|
||||
case LSM_ATTR_PREV:
|
||||
sid = __tsec->osid;
|
||||
sid = tsec->osid;
|
||||
break;
|
||||
case LSM_ATTR_EXEC:
|
||||
sid = __tsec->exec_sid;
|
||||
sid = tsec->exec_sid;
|
||||
break;
|
||||
case LSM_ATTR_FSCREATE:
|
||||
sid = __tsec->create_sid;
|
||||
sid = tsec->create_sid;
|
||||
break;
|
||||
case LSM_ATTR_KEYCREATE:
|
||||
sid = __tsec->keycreate_sid;
|
||||
sid = tsec->keycreate_sid;
|
||||
break;
|
||||
case LSM_ATTR_SOCKCREATE:
|
||||
sid = __tsec->sockcreate_sid;
|
||||
sid = tsec->sockcreate_sid;
|
||||
break;
|
||||
default:
|
||||
error = -EOPNOTSUPP;
|
||||
goto bad;
|
||||
goto err_unlock;
|
||||
}
|
||||
rcu_read_unlock();
|
||||
|
||||
if (!sid)
|
||||
if (sid == SECSID_NULL) {
|
||||
*value = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
error = security_sid_to_context(sid, value, &len);
|
||||
if (error)
|
||||
return error;
|
||||
return len;
|
||||
|
||||
bad:
|
||||
err_unlock:
|
||||
rcu_read_unlock();
|
||||
return error;
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user