brain-hackers_pepepper-mirror
/
linux-brain
mirror of https://github.com/brain-hackers/linux-brain.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

module: avoid *goto*s in module_sig_check() 

[ Upstream commit 10ccd1abb808599a6dc7c9389560016ea3568085 ]

Let's move the common handling of the non-fatal errors after the *switch*
statement -- this avoids *goto*s inside that *switch*...

Suggested-by: Joe Perches <joe@perches.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Sergey Shtylyov 2020-10-31 23:09:31 +03:00 committed by Greg Kroah-Hartman
parent d9b98ccdfe
commit 6a8df0821f
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
kernel/module.c
View File

@ -2909,20 +2909,13 @@ static int module_sig_check(struct load_info *info, int flags)
*/
case -ENODATA:
reason = "unsigned module";
goto decide;
break;
case -ENOPKG:
reason = "module with unsupported crypto";
goto decide;
break;
case -ENOKEY:
reason = "module with unavailable key";
decide:
if (is_module_sig_enforced()) {
pr_notice("%s: loading of %s is rejected\n",
info->name, reason);
return -EKEYREJECTED;
}
return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
break;
/* All other errors are fatal, including nomem, unparseable
* signatures and signature check failures - even if signatures
@ -2931,6 +2924,13 @@ static int module_sig_check(struct load_info *info, int flags)
default:
return err;
}
if (is_module_sig_enforced()) {
pr_notice("%s: loading of %s is rejected\n", info->name, reason);
return -EKEYREJECTED;
}
return security_locked_down(LOCKDOWN_MODULE_SIGNATURE);
}
#else /* !CONFIG_MODULE_SIG */
static int module_sig_check(struct load_info *info, int flags)