From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Thu, 24 Nov 2016 06:58:01 +0000 (+0100)
Subject: attach: simplify lsm_openat()
X-Git-Tag: lxc-1.0.10~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=492ee6590ce20f5a11ffea15108b4c51022da3fe;p=thirdparty%2Flxc.git

attach: simplify lsm_openat()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 4fc39c614..285ef4d24 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -78,12 +78,13 @@
 
 lxc_log_define(lxc_attach, lxc);
 
+/* /proc/pid-to-str/current\0 = (5 + 21 + 7 + 1) */
+#define __LSMATTRLEN (5 + 21 + 7 + 1)
 static int lsm_openat(int procfd, pid_t pid, int on_exec)
 {
 	int ret = -1;
 	int labelfd = -1;
-	const char* name;
-#define __LSMATTRLEN /* /proc */ (5 + /* /pid-to-str */ 21 + /* /current */ 7 + /* \0 */ 1)
+	const char *name;
 	char path[__LSMATTRLEN];
 
 	name = lsm_name();
@@ -98,20 +99,16 @@ static int lsm_openat(int procfd, pid_t pid, int on_exec)
 	if (strcmp(name, "AppArmor") == 0)
 		on_exec = 0;
 
-	if (on_exec) {
+	if (on_exec)
 		ret = snprintf(path, __LSMATTRLEN, "%d/attr/exec", pid);
-		if (ret < 0 || ret >= __LSMATTRLEN)
-			return -1;
-		labelfd = openat(procfd, path, O_RDWR);
-	} else {
+	else
 		ret = snprintf(path, __LSMATTRLEN, "%d/attr/current", pid);
-		if (ret < 0 || ret >= __LSMATTRLEN)
-			return -1;
-		labelfd = openat(procfd, path, O_RDWR);
-	}
+	if (ret < 0 || ret >= __LSMATTRLEN)
+		return -1;
 
+	labelfd = openat(procfd, path, O_RDWR);
 	if (labelfd < 0) {
-		SYSERROR("Unable to open LSM label");
+		SYSERROR("Unable to open file descriptor to set LSM label.");
 		return -1;
 	}