Rewrite get_ruleset_from_fd() to please the 0-DAY CI Kernel Test Service that reported an uninitialized variable (false positive). Anyway, it is cleaner like this. Cc: James Morris <jmorris@xxxxxxxxx> Cc: Jann Horn <jannh@xxxxxxxxxx> Cc: Serge E. Hallyn <serge@xxxxxxxxxx> Link: https://lore.kernel.org/linux-security-module/202011101854.zGbWwusK-lkp@xxxxxxxxx/ Reported-by: kernel test robot <lkp@xxxxxxxxx> Signed-off-by: Mickaël Salaün <mic@xxxxxxxxxxx> --- security/landlock/syscall.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/security/landlock/syscall.c b/security/landlock/syscall.c index 486136d4f46e..543ae36cd339 100644 --- a/security/landlock/syscall.c +++ b/security/landlock/syscall.c @@ -196,24 +196,26 @@ static struct landlock_ruleset *get_ruleset_from_fd(const int fd, { struct fd ruleset_f; struct landlock_ruleset *ruleset; - int err; ruleset_f = fdget(fd); if (!ruleset_f.file) return ERR_PTR(-EBADF); /* Checks FD type and access right. */ - err = 0; - if (ruleset_f.file->f_op != &ruleset_fops) - err = -EBADFD; - else if (!(ruleset_f.file->f_mode & mode)) - err = -EPERM; - if (!err) { - ruleset = ruleset_f.file->private_data; - landlock_get_ruleset(ruleset); + if (ruleset_f.file->f_op != &ruleset_fops) { + ruleset = ERR_PTR(-EBADFD); + goto out_fdput; } + if (!(ruleset_f.file->f_mode & mode)) { + ruleset = ERR_PTR(-EPERM); + goto out_fdput; + } + ruleset = ruleset_f.file->private_data; + landlock_get_ruleset(ruleset); + +out_fdput: fdput(ruleset_f); - return err ? ERR_PTR(err) : ruleset; + return ruleset; } /* Path handling */ -- 2.29.2
