From patchwork Wed Jan 25 09:31:43 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: SF Markus Elfring <elfring@users.sourceforge.net>
X-Patchwork-Id: 9536595
Return-Path: <linux-security-module-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	22555601D7
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Wed, 25 Jan 2017 09:32:16 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0CA22205F6
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Wed, 25 Jan 2017 09:32:16 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 00D1B26E69; Wed, 25 Jan 2017 09:32:15 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9DD6E205F6
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Wed, 25 Jan 2017 09:32:15 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751560AbdAYJcO (ORCPT
	<rfc822;patchwork-linux-security-module@patchwork.kernel.org>);
	Wed, 25 Jan 2017 04:32:14 -0500
Received: from mout.web.de ([212.227.15.14]:59446 "EHLO mout.web.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751549AbdAYJcN (ORCPT
	<rfc822;linux-security-module@vger.kernel.org>);
	Wed, 25 Jan 2017 04:32:13 -0500
Received: from [192.168.1.2] ([77.181.222.247]) by smtp.web.de (mrweb002
	[213.165.67.108]) with ESMTPSA (Nemesis) id 0LcPm2-1c7gIR0rqw-00juox;
	Wed, 25 Jan 2017 10:31:45 +0100
Subject: [PATCH 1/3] ima_fs: One check less in ima_write_policy() after error
	detection
To: linux-ima-devel@lists.sourceforge.net,
	linux-ima-user@lists.sourceforge.net,
	linux-security-module@vger.kernel.org,
	Dmitry Kasatkin <dmitry.kasatkin@gmail.com>,
	James Morris <james.l.morris@oracle.com>,
	Mimi Zohar <zohar@linux.vnet.ibm.com>,
	"Serge E. Hallyn" <serge@hallyn.com>
References: <e06d5392-5262-2d88-aa6b-79e53a20fc8b@users.sourceforge.net>
Cc: LKML <linux-kernel@vger.kernel.org>, kernel-janitors@vger.kernel.org
From: SF Markus Elfring <elfring@users.sourceforge.net>
Message-ID: <28a6918c-5714-cec8-2df7-85bcc37e4d75@users.sourceforge.net>
Date: Wed, 25 Jan 2017 10:31:43 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
	Thunderbird/45.6.0
MIME-Version: 1.0
In-Reply-To: <e06d5392-5262-2d88-aa6b-79e53a20fc8b@users.sourceforge.net>
X-Provags-ID: V03:K0:NwOzwNq/DPjZ8RZs2/GZ868Mf2jh5RbKO0vmz4jp9bAT0exnjSE
	8aSfmmD7hup5WxxE4VRBZlJFTXVP4AuAqOmCLxD7ZVl3REIoc0gXPLUoz1ti5GTS9vChPE3
	SvLh8uaNClMF2JwQB8gxmMMggfyGGnESXsEQqfyr8Sc658l5311WPcWJhTP4vAveGGmoyGv
	MZs44Ph4G55zky6hu3HIA==
X-UI-Out-Filterresults: notjunk:1; V01:K0:zF1AkEUUV8Y=:4+3cXskWROIks3SHglpWLt
	8rkVebT56KZgOBpn0bHLh2eICNHH5hNlkf1dLzuJgbuzPWGb1nI9m/HR8EfprL9cH7ythQAQf
	nEoLFQqHtd2KXBZ1fkocxJImaxMjuUROmBllsEv4oMJYuCz9hQyXfCnDzd/DBZkCEbOS3Pf2v
	+B+yGXVDoC+hk5Mp7SazYI/WjENmo5AlKuh3KzctyLllsZz7p3Y1wTp5F/3HJFnmRskaIzsVz
	OqzFuBWlm09w273mMCLpz5SFVjqeGE5dn6v5DOB+dKlrbB03yckHO+OawUH7vSAQQkXIFCnix
	X4SgQH8sul5iYt6kcYcJJU0baUlbiKAu+uuLh1aUzpMBx89l7jQezv6SCfRMqPAYtgTIYHfoJ
	rTPvYDPOo8SSSSEYUHxxzkAS+FlbRWPivTTW9TmQQEdqzPq1E9CmoOGHLuJRqlfQpoo0IfAS8
	ypQXqgSOSq7/JauDCeJkbngt+lNHBVhfEWTA1v6wgXZoEbXl+XzKWOBfcTmSoSb006n58U7mZ
	xYVf2eu9q7emXx2yr56jK9EMG/dHWkoAgVPbsh30NxUnCVy0nV03GPhy2nmQHcaLNOButSu9Q
	LhTKR1bVPAL3Bs1lx0bzTwGmppvLs8YYip7VFC1VD05V25JEaUBcHm+nrovrWtkvWGjkuaZQ6
	+QwGsnX4D/YEI5y4JXE1NZx7DnqP2wLJllSO5ueVePa/mKcmFphHzYQSM+cM89lUhBaWmWfsq
	+LdrV/PeyrnmKnVsgw7sbBoOQ8VGS8bXXTDyVDrwPuHhXPIwN5sTmf3O/Cb7pyemM6N+O1LNR
	FhxuwIn
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
List-ID: <linux-security-module.vger.kernel.org>
X-Virus-Scanned: ClamAV using ClamSMTP

From: Markus Elfring <elfring@users.sourceforge.net>
Date: Tue, 24 Jan 2017 20:30:55 +0100

Move the jump label directly before the desired assignment for the
variable "valid_policy" at the end so that the variable "result" will not
be checked once more after it was determined that a received input
parameter was not zero or a memory allocation failed.
Use the identifier "reset_validity" instead of the label "out".

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
---
 security/integrity/ima/ima_fs.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index ca303e5d2b94..c1c8d34d111d 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -321,12 +321,12 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf,
 	/* No partial writes. */
 	result = -EINVAL;
 	if (*ppos != 0)
-		goto out;
+		goto reset_validity;
 
 	result = -ENOMEM;
 	data = kmalloc(datalen + 1, GFP_KERNEL);
 	if (!data)
-		goto out;
+		goto reset_validity;
 
 	*(data + datalen) = '\0';
 
@@ -353,8 +353,8 @@ static ssize_t ima_write_policy(struct file *file, const char __user *buf,
 	mutex_unlock(&ima_write_mutex);
 out_free:
 	kfree(data);
-out:
 	if (result < 0)
+reset_validity:
 		valid_policy = 0;
 
 	return result;