attach: simplify lsm_openat()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 4fc39c61453bc0d4dae57dce040e5cd69954d8ca..285ef4d245bf534c663bc45f518c3915be072338 100644 (file)
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -78,12 +78,13 @@
 
 lxc_log_define(lxc_attach, lxc);
 
+/* /proc/pid-to-str/current\0 = (5 + 21 + 7 + 1) */
+#define __LSMATTRLEN (5 + 21 + 7 + 1)
 static int lsm_openat(int procfd, pid_t pid, int on_exec)
 {
        int ret = -1;
        int labelfd = -1;
-       const char* name;
-#define __LSMATTRLEN /* /proc */ (5 + /* /pid-to-str */ 21 + /* /current */ 7 + /* \0 */ 1)
+       const char *name;
        char path[__LSMATTRLEN];
 
        name = lsm_name();
@@ -98,20 +99,16 @@ static int lsm_openat(int procfd, pid_t pid, int on_exec)
        if (strcmp(name, "AppArmor") == 0)
                on_exec = 0;
 
-       if (on_exec) {
+       if (on_exec)
                ret = snprintf(path, __LSMATTRLEN, "%d/attr/exec", pid);
-               if (ret < 0 || ret >= __LSMATTRLEN)
-                       return -1;
-               labelfd = openat(procfd, path, O_RDWR);
-       } else {
+       else
                ret = snprintf(path, __LSMATTRLEN, "%d/attr/current", pid);
-               if (ret < 0 || ret >= __LSMATTRLEN)
-                       return -1;
-               labelfd = openat(procfd, path, O_RDWR);
-       }
+       if (ret < 0 || ret >= __LSMATTRLEN)
+               return -1;
 
+       labelfd = openat(procfd, path, O_RDWR);
        if (labelfd < 0) {
-               SYSERROR("Unable to open LSM label");
+               SYSERROR("Unable to open file descriptor to set LSM label.");
                return -1;
        }