[PATCH v39 28/42] LSM: Improve logic in security_getprocattr

From: Casey Schaufler
Date: Fri Dec 15 2023 - 17:39:11 EST

Next message: Casey Schaufler: "[PATCH v39 29/42] LSM: secctx provider check on release"
Previous message: Peter Hilber: "[RFC PATCH v2 2/7] x86/tsc: Add clocksource ID, set system_counterval_t.cs_id"
In reply to: Casey Schaufler: "[PATCH v39 26/42] Audit: Add record for multiple object contexts"
Next in thread: Casey Schaufler: "[PATCH v39 29/42] LSM: secctx provider check on release"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The conditional in security_getprocattr() can be simplified
and made clearer. This change does that.

Signed-off-by: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
---
security/security.c | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/security/security.c b/security/security.c
index 8ff6cef26e6c..f2ef6032a925 100644
--- a/security/security.c
+++ b/security/security.c
@@ -4107,11 +4107,10 @@ int security_getprocattr(struct task_struct *p, int lsmid, const char *name,
{
struct security_hook_list *hp;

- hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list) {
- if (lsmid != 0 && lsmid != hp->lsmid->id)
- continue;
- return hp->hook.getprocattr(p, name, value);
- }
+ hlist_for_each_entry(hp, &security_hook_heads.getprocattr, list)
+ if (lsmid == LSM_ID_UNDEF || lsmid == hp->lsmid->id)
+ return hp->hook.getprocattr(p, name, value);
+
return LSM_RET_DEFAULT(getprocattr);
}

--
2.41.0

Next message: Casey Schaufler: "[PATCH v39 29/42] LSM: secctx provider check on release"
Previous message: Peter Hilber: "[RFC PATCH v2 2/7] x86/tsc: Add clocksource ID, set system_counterval_t.cs_id"
In reply to: Casey Schaufler: "[PATCH v39 26/42] Audit: Add record for multiple object contexts"
Next in thread: Casey Schaufler: "[PATCH v39 29/42] LSM: secctx provider check on release"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]