Through a somewhat convoluted series of changes, we have ended up with multiple unnecessary occurrences of (flags & MAY_NOT_BLOCK) tests in selinux_inode_permission(). Clean it up and simplify. No functional change. Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx> --- This patch is relative to the two patches I posted earlier today for MAY_NOT_BLOCK / ref-walk handling. Just a cleanup of something I noticed while doing those two. security/selinux/hooks.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index fd34e25c016f..19591c825f5d 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -3037,7 +3037,7 @@ static int selinux_inode_permission(struct inode *inode, int mask) const struct cred *cred = current_cred(); u32 perms; bool from_access; - unsigned flags = mask & MAY_NOT_BLOCK; + bool no_block = mask & MAY_NOT_BLOCK; struct inode_security_struct *isec; u32 sid; struct av_decision avd; @@ -3059,13 +3059,13 @@ static int selinux_inode_permission(struct inode *inode, int mask) perms = file_mask_to_av(inode->i_mode, mask); sid = cred_sid(cred); - isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK); + isec = inode_security_rcu(inode, no_block); if (IS_ERR(isec)) return PTR_ERR(isec); rc = avc_has_perm_noaudit(&selinux_state, sid, isec->sid, isec->sclass, perms, - (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0, + no_block ? AVC_NONBLOCKING : 0, &avd); audited = avc_audit_required(perms, &avd, rc, from_access ? FILE__AUDIT_ACCESS : 0, @@ -3074,7 +3074,7 @@ static int selinux_inode_permission(struct inode *inode, int mask) return rc; /* fall back to ref-walk if we have to generate audit */ - if (flags & MAY_NOT_BLOCK) + if (no_block) return -ECHILD; rc2 = audit_inode_permission(inode, perms, audited, denied, rc); -- 2.23.0
