korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-24 04:34:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

selinux: small cleanups in selinux_audit_rule_init()

Browse Source 
A few small tweaks to selinux_audit_rule_init():

- Adjust how we use the @rc variable so we are not doing any extra
  work in the common/success case.

- Related to the above, rework the 'out' jump label so that the
  success and error paths are different, simplifying both.

- Cleanup some of the vertical whitespace while we are making the
  other changes.

Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore 2023-05-05 18:49:44 -04:00
parent 4158cb6000
commit c52df19e37
1 changed files with 18 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
security/selinux/ss/services.c
View File

@ -3541,38 +3541,38 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
tmprule = kzalloc(sizeof(struct selinux_audit_rule), GFP_KERNEL); tmprule = kzalloc(sizeof(struct selinux_audit_rule), GFP_KERNEL);
if (!tmprule) if (!tmprule)
return -ENOMEM; return -ENOMEM;
context_init(&tmprule->au_ctxt); context_init(&tmprule->au_ctxt);
rcu_read_lock(); rcu_read_lock();
policy = rcu_dereference(state->policy); policy = rcu_dereference(state->policy);
policydb = &policy->policydb; policydb = &policy->policydb;
tmprule->au_seqno = policy->latest_granting; tmprule->au_seqno = policy->latest_granting;
switch (field) { switch (field) {
case AUDIT_SUBJ_USER: case AUDIT_SUBJ_USER:
case AUDIT_OBJ_USER: case AUDIT_OBJ_USER:
rc = -EINVAL;
userdatum = symtab_search(&policydb->p_users, rulestr); userdatum = symtab_search(&policydb->p_users, rulestr);
if (!userdatum) if (!userdatum) {
goto out; rc = -EINVAL;
goto err;
}
tmprule->au_ctxt.user = userdatum->value; tmprule->au_ctxt.user = userdatum->value;
break; break;
case AUDIT_SUBJ_ROLE: case AUDIT_SUBJ_ROLE:
case AUDIT_OBJ_ROLE: case AUDIT_OBJ_ROLE:
rc = -EINVAL;
roledatum = symtab_search(&policydb->p_roles, rulestr); roledatum = symtab_search(&policydb->p_roles, rulestr);
if (!roledatum) if (!roledatum) {
goto out; rc = -EINVAL;
goto err;
}
tmprule->au_ctxt.role = roledatum->value; tmprule->au_ctxt.role = roledatum->value;
break; break;
case AUDIT_SUBJ_TYPE: case AUDIT_SUBJ_TYPE:
case AUDIT_OBJ_TYPE: case AUDIT_OBJ_TYPE:
rc = -EINVAL;
typedatum = symtab_search(&policydb->p_types, rulestr); typedatum = symtab_search(&policydb->p_types, rulestr);
if (!typedatum) if (!typedatum) {
goto out; rc = -EINVAL;
goto err;
}
tmprule->au_ctxt.type = typedatum->value; tmprule->au_ctxt.type = typedatum->value;
break; break;
case AUDIT_SUBJ_SEN: case AUDIT_SUBJ_SEN:
@ -3582,20 +3582,18 @@ int selinux_audit_rule_init(u32 field, u32 op, char *rulestr, void **vrule)
rc = mls_from_string(policydb, rulestr, &tmprule->au_ctxt, rc = mls_from_string(policydb, rulestr, &tmprule->au_ctxt,
GFP_ATOMIC); GFP_ATOMIC);
if (rc) if (rc)
goto out; goto err;
break; break;
} }
rc = 0;
out:
rcu_read_unlock(); rcu_read_unlock();
if (rc) {
selinux_audit_rule_free(tmprule);
tmprule = NULL;
}
*rule = tmprule; *rule = tmprule;
return 0;
err:
rcu_read_unlock();
selinux_audit_rule_free(tmprule);
*rule = NULL;
return rc; return rc;
} }