selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests
Through a somewhat convoluted series of changes, we have ended up with multiple unnecessary occurrences of (flags & MAY_NOT_BLOCK) tests in selinux_inode_permission(). Clean it up and simplify. No functional change. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
0188d5c025
commit
5298d0b9b9
|
@ -3033,7 +3033,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
|
|||
const struct cred *cred = current_cred();
|
||||
u32 perms;
|
||||
bool from_access;
|
||||
unsigned flags = mask & MAY_NOT_BLOCK;
|
||||
bool no_block = mask & MAY_NOT_BLOCK;
|
||||
struct inode_security_struct *isec;
|
||||
u32 sid;
|
||||
struct av_decision avd;
|
||||
|
@ -3055,13 +3055,13 @@ static int selinux_inode_permission(struct inode *inode, int mask)
|
|||
perms = file_mask_to_av(inode->i_mode, mask);
|
||||
|
||||
sid = cred_sid(cred);
|
||||
isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK);
|
||||
isec = inode_security_rcu(inode, no_block);
|
||||
if (IS_ERR(isec))
|
||||
return PTR_ERR(isec);
|
||||
|
||||
rc = avc_has_perm_noaudit(&selinux_state,
|
||||
sid, isec->sid, isec->sclass, perms,
|
||||
(flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
|
||||
no_block ? AVC_NONBLOCKING : 0,
|
||||
&avd);
|
||||
audited = avc_audit_required(perms, &avd, rc,
|
||||
from_access ? FILE__AUDIT_ACCESS : 0,
|
||||
|
@ -3070,7 +3070,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
|
|||
return rc;
|
||||
|
||||
/* fall back to ref-walk if we have to generate audit */
|
||||
if (flags & MAY_NOT_BLOCK)
|
||||
if (no_block)
|
||||
return -ECHILD;
|
||||
|
||||
rc2 = audit_inode_permission(inode, perms, audited, denied, rc);
|
||||
|
|
Loading…
Reference in New Issue