It seems like we should return an error here. That's what the comment
says we should do.
I also removed an out of date comment. It wasn't needed and seemed likely
to get out of date again.
Signed-off-by: Dan Carpenter <error27@xxxxxxxxx>
---
This was found with a static checker and I have only compile tested it.
The callers all seem to use the return code, but please review carefully.
The code has been like this since the module was merged.
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index 294b005..90d5314 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -260,18 +260,17 @@ out:
* policy decision.
*
* Return 0 on success, an error code on failure.
- * (Based on the results of appraise_measurement().)
*/
int ima_file_mmap(struct file *file, unsigned long prot)
{
- int rc;
+ int rc = 0;
if (!file)
return 0;
if (prot & PROT_EXEC)
rc = process_measurement(file, file->f_dentry->d_name.name,
MAY_EXEC, FILE_MMAP);
- return 0;
+ return rc;
}
/**
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
