selinux: cleanup selinux_lsm_getattr()

A number of small changes to selinux_lsm_getattr() to improve the quality and readability of the code: * Explicitly set the `value` parameter to NULL in the case where an attribute has not been set. * Rename the `__tsec` variable to `tsec` to better fit the SELinux code. * Rename `bad` to `err_unlock` to better indicate the jump target drops the RCU lock. Signed-off-by: Paul Moore <paul@paul-moore.com>

selinux: cleanup selinux_lsm_getattr()
A number of small changes to selinux_lsm_getattr() to improve the quality and readability of the code: * Explicitly set the `value` parameter to NULL in the case where an attribute has not been set. * Rename the `__tsec` variable to `tsec` to better fit the SELinux code. * Rename `bad` to `err_unlock` to better indicate the jump target drops the RCU lock. Signed-off-by: Paul Moore <paul@paul-moore.com>
e6b5ebca · Paul Moore · 0142c566 · e6b5ebca
Commit e6b5ebca authored Feb 23, 2024 by Paul Moore
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 18 deletions

security/selinux/hooks.c security/selinux/hooks.c +18 -18

No files found.
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -6348,55 +6348,55 @@ static void selinux_d_instantiate(struct dentry *dentry, struct inode *inode)
 static int selinux_lsm_getattr(unsigned int attr, struct task_struct *p,
 			       char **value)
 {
-	const struct task_security_struct *__tsec;
+	const struct task_security_struct *tsec;
-	u32 sid;
 	int error;
-	unsigned len;
+	u32 sid;
+	u32 len;
 	rcu_read_lock();
-	__tsec = selinux_cred(__task_cred(p));
+	tsec = selinux_cred(__task_cred(p));
+	if (p != current) {
-	if (current != p) {
+		error = avc_has_perm(current_sid(), tsec->sid,
-		error = avc_has_perm(current_sid(), __tsec->sid,
 				     SECCLASS_PROCESS, PROCESS__GETATTR, NULL);
 		if (error)
-			goto bad;
+			goto err_unlock;
 	}
 	switch (attr) {
 	case LSM_ATTR_CURRENT:
-		sid = __tsec->sid;
+		sid = tsec->sid;
 		break;
 	case LSM_ATTR_PREV:
-		sid = __tsec->osid;
+		sid = tsec->osid;
 		break;
 	case LSM_ATTR_EXEC:
-		sid = __tsec->exec_sid;
+		sid = tsec->exec_sid;
 		break;
 	case LSM_ATTR_FSCREATE:
-		sid = __tsec->create_sid;
+		sid = tsec->create_sid;
 		break;
 	case LSM_ATTR_KEYCREATE:
-		sid = __tsec->keycreate_sid;
+		sid = tsec->keycreate_sid;
 		break;
 	case LSM_ATTR_SOCKCREATE:
-		sid = __tsec->sockcreate_sid;
+		sid = tsec->sockcreate_sid;
 		break;
 	default:
 		error = -EOPNOTSUPP;
-		goto bad;
+		goto err_unlock;
 	}
 	rcu_read_unlock();
-	if (!sid)
+	if (sid == SECSID_NULL) {
+		*value = NULL;
 		return 0;
+	}
 	error = security_sid_to_context(sid, value, &len);
 	if (error)
 		return error;
 	return len;
-bad:
+err_unlock:
 	rcu_read_unlock();
 	return error;
 }