selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr

author Gaosheng Cui <cuigaosheng1@huawei.com>

Fri, 12 Jul 2024 01:45:34 +0000 (09:45 +0800)

committer Paul Moore <paul@paul-moore.com>

Mon, 29 Jul 2024 20:34:08 +0000 (16:34 -0400)
author Gaosheng Cui <cuigaosheng1@huawei.com>
Fri, 12 Jul 2024 01:45:34 +0000 (09:45 +0800)
committer Paul Moore <paul@paul-moore.com>
Mon, 29 Jul 2024 20:34:08 +0000 (16:34 -0400)
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c

index 55885634e8804a1012c571ab2d73fec16614141b..63c481dd71bb67f95baa973f474d729ed5a3c303 100644 (file)
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -62,7 +62,7 @@ static int selinux_netlbl_sidlookup_cached(struct sk_buff *skb,
   * Description:
   * Generate the NetLabel security attributes for a socket, making full use of
   * the socket's attribute cache.  Returns a pointer to the security attributes
- * on success, NULL on failure.
+ * on success, or an ERR_PTR on failure.
   *
   */
  static struct netlbl_lsm_secattr *selinux_netlbl_sock_genattr(struct sock *sk)
@@ -76,11 +76,12 @@ static struct netlbl_lsm_secattr *selinux_netlbl_sock_genattr(struct sock *sk)
  
         secattr = netlbl_secattr_alloc(GFP_ATOMIC);
         if (secattr == NULL)
-               return NULL;
+               return ERR_PTR(-ENOMEM);
+
         rc = security_netlbl_sid_to_secattr(sksec->sid, secattr);
         if (rc != 0) {
                 netlbl_secattr_free(secattr);
-               return NULL;
+               return ERR_PTR(rc);
         }
         sksec->nlbl_secattr = secattr;
  
@@ -400,8 +401,8 @@ int selinux_netlbl_socket_post_create(struct sock *sk, u16 family)
                 return 0;
  
         secattr = selinux_netlbl_sock_genattr(sk);
-       if (secattr == NULL)
-               return -ENOMEM;
+       if (IS_ERR(secattr))
+               return PTR_ERR(secattr);
         /* On socket creation, replacement of IP options is safe even if
          * the caller does not hold the socket lock.
          */
@@ -561,10 +562,9 @@ static int selinux_netlbl_socket_connect_helper(struct sock *sk,
                 return rc;
         }
         secattr = selinux_netlbl_sock_genattr(sk);
-       if (secattr == NULL) {
-               rc = -ENOMEM;
-               return rc;
-       }
+       if (IS_ERR(secattr))
+               return PTR_ERR(secattr);
+
         rc = netlbl_conn_setattr(sk, addr, secattr);
         if (rc == 0)
                 sksec->nlbl_state = NLBL_CONNLABELED;
author	Gaosheng Cui <cuigaosheng1@huawei.com>
	Fri, 12 Jul 2024 01:45:34 +0000 (09:45 +0800)
committer	Paul Moore <paul@paul-moore.com>
	Mon, 29 Jul 2024 20:34:08 +0000 (16:34 -0400)