diff options
author | Paul Moore <paul@paul-moore.com> | 2024-02-23 16:26:40 -0500 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2024-03-26 16:37:45 -0400 |
commit | e6b5ebca41dda07b76b244462995502d9f6eb10b (patch) | |
tree | f9b492b4320c1caf9cf40ed6105712134f1cec23 /security/selinux | |
parent | 0142c56682fbf969cc08b1e3f9223384ede29a5f (diff) | |
download | lwn-e6b5ebca41dda07b76b244462995502d9f6eb10b.tar.gz lwn-e6b5ebca41dda07b76b244462995502d9f6eb10b.zip |
selinux: cleanup selinux_lsm_getattr()
A number of small changes to selinux_lsm_getattr() to improve the
quality and readability of the code:
* Explicitly set the `value` parameter to NULL in the case where an
attribute has not been set.
* Rename the `__tsec` variable to `tsec` to better fit the SELinux code.
* Rename `bad` to `err_unlock` to better indicate the jump target drops
the RCU lock.
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/hooks.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 3448454c82d0..190d3f94c595 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -6348,55 +6348,55 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode) static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p, char **value) { - const struct task_security_struct *__tsec; - u32 sid; + const struct task_security_struct *tsec; int error; - unsigned len; + u32 sid; + u32 len; rcu_read_lock(); - __tsec = selinux_cred(__task_cred(p)); - - if (current != p) { - error = avc_has_perm(current_sid(), __tsec->sid, + tsec = selinux_cred(__task_cred(p)); + if (p != current) { + error = avc_has_perm(current_sid(), tsec->sid, SECCLASS_PROCESS, PROCESS__GETATTR, NULL); if (error) - goto bad; + goto err_unlock; } - switch (attr) { case LSM_ATTR_CURRENT: - sid = __tsec->sid; + sid = tsec->sid; break; case LSM_ATTR_PREV: - sid = __tsec->osid; + sid = tsec->osid; break; case LSM_ATTR_EXEC: - sid = __tsec->exec_sid; + sid = tsec->exec_sid; break; case LSM_ATTR_FSCREATE: - sid = __tsec->create_sid; + sid = tsec->create_sid; break; case LSM_ATTR_KEYCREATE: - sid = __tsec->keycreate_sid; + sid = tsec->keycreate_sid; break; case LSM_ATTR_SOCKCREATE: - sid = __tsec->sockcreate_sid; + sid = tsec->sockcreate_sid; break; default: error = -EOPNOTSUPP; - goto bad; + goto err_unlock; } rcu_read_unlock(); - if (!sid) + if (sid == SECSID_NULL) { + *value = NULL; return 0; + } error = security_sid_to_context(sid, value, &len); if (error) return error; return len; -bad: +err_unlock: rcu_read_unlock(); return error; } |