module: avoid *goto*s in module_sig_check()
Let's move the common handling of the non-fatal errors after the *switch* statement -- this avoids *goto*s inside that *switch*... Suggested-by: Joe Perches <joe@perches.com> Reviewed-by: Miroslav Benes <mbenes@suse.cz> Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru> Signed-off-by: Jessica Yu <jeyu@kernel.org>
This commit is contained in:
parent
705e919518
commit
10ccd1abb8
|
@ -2908,20 +2908,13 @@ static int module_sig_check(struct load_info *info, int flags)
|
|||
*/
|
||||
case -ENODATA:
|
||||
reason = "unsigned module";
|
||||
goto decide;
|
||||
break;
|
||||
case -ENOPKG:
|
||||
reason = "module with unsupported crypto";
|
||||
goto decide;
|
||||
break;
|
||||
case -ENOKEY:
|
||||
reason = "module with unavailable key";
|
||||
decide:
|
||||
if (is_module_sig_enforced()) {
|
||||
pr_notice("%s: loading of %s is rejected\n",
|
||||
info->name, reason);
|
||||
return -EKEYREJECTED;
|
||||
}
|
||||
|
||||
return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
|
||||
break;
|
||||
|
||||
/* All other errors are fatal, including nomem, unparseable
|
||||
* signatures and signature check failures - even if signatures
|
||||
|
@ -2930,6 +2923,13 @@ static int module_sig_check(struct load_info *info, int flags)
|
|||
default:
|
||||
return err;
|
||||
}
|
||||
|
||||
if (is_module_sig_enforced()) {
|
||||
pr_notice("%s: loading of %s is rejected\n", info->name, reason);
|
||||
return -EKEYREJECTED;
|
||||
}
|
||||
|
||||
return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
|
||||
}
|
||||
#else /* !CONFIG_MODULE_SIG */
|
||||
static int module_sig_check(struct load_info *info, int flags)
|
||||
|
|
Loading…
Reference in New Issue