Re: Patch "module: avoid *goto*s in module_sig_check()" has been added to the 5.10-stable tree

[Sergey Shtylyov <s.shtylyov@xxxxxxxxxxxx>]

On 22.03.2021 6:05, Sasha Levin wrote:

> This is a note to let you know that I've just added the patch titled
>
>      module: avoid *goto*s in module_sig_check()
>
> to the 5.10-stable tree which can be found at:
>      http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>
> The filename of the patch is:
>       module-avoid-goto-s-in-module_sig_check.patch
> and it can be found in the queue-5.10 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@xxxxxxxxxxxxxxx> know about it.

   Again, it's just a cleanup...

> commit c5d4af31cebd2d83fdb7bb7b7d11cbc086c18a4a
> Author: Sergey Shtylyov <s.shtylyov@xxxxxxxxxxxx>
> Date:   Sat Oct 31 23:09:31 2020 +0300
>
>      module: avoid *goto*s in module_sig_check()
>      
>      [ Upstream commit 10ccd1abb808599a6dc7c9389560016ea3568085 ]
>      
>      Let's move the common handling of the non-fatal errors after the *switch*
>      statement -- this avoids *goto*s inside that *switch*...
>      
>      Suggested-by: Joe Perches <joe@xxxxxxxxxxx>
>      Reviewed-by: Miroslav Benes <mbenes@xxxxxxx>
>      Signed-off-by: Sergey Shtylyov <s.shtylyov@xxxxxxxxxxxx>
>      Signed-off-by: Jessica Yu <jeyu@xxxxxxxxxx>
>      Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
>
> diff --git a/kernel/module.c b/kernel/module.c
> index 3b6dd8200d3d..f1be6b6a3a3d 100644
> --- a/kernel/module.c
> +++ b/kernel/module.c
> @@ -2923,20 +2923,13 @@ static int module_sig_check(struct load_info *info, int flags)
>   		 */
>   	case -ENODATA:
>   		reason = "unsigned module";
> -		goto decide;
> +		break;
>   	case -ENOPKG:
>   		reason = "module with unsupported crypto";
> -		goto decide;
> +		break;
>   	case -ENOKEY:
>   		reason = "module with unavailable key";
> -	decide:
> -		if (is_module_sig_enforced()) {
> -			pr_notice("%s: loading of %s is rejected\n",
> -				  info->name, reason);
> -			return -EKEYREJECTED;
> -		}
> -
> -		return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
> +		break;
>   
>   		/* All other errors are fatal, including nomem, unparseable
>   		 * signatures and signature check failures - even if signatures
> @@ -2945,6 +2938,13 @@ static int module_sig_check(struct load_info *info, int flags)
>   	default:
>   		return err;
>   	}
> +
> +	if (is_module_sig_enforced()) {
> +		pr_notice("%s: loading of %s is rejected\n", info->name, reason);
> +		return -EKEYREJECTED;
> +	}
> +
> +	return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
>   }
>   #else /* !CONFIG_MODULE_SIG */
>   static int module_sig_check(struct load_info *info, int flags)