The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
they will never return NULL, and elsewhere user don't do the check
as well, so remove the check here.
Signed-off-by: Xiu Jianfeng <[email protected]>
---
security/lsm_audit.c | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 78a278f28e49..75cc3f8d2a42 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -44,9 +44,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
struct iphdr *ih;
ih = ip_hdr(skb);
- if (ih == NULL)
- return -EINVAL;
-
ad->u.net->v4info.saddr = ih->saddr;
ad->u.net->v4info.daddr = ih->daddr;
@@ -59,8 +56,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
switch (ih->protocol) {
case IPPROTO_TCP: {
struct tcphdr *th = tcp_hdr(skb);
- if (th == NULL)
- break;
ad->u.net->sport = th->source;
ad->u.net->dport = th->dest;
@@ -68,8 +63,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_UDP: {
struct udphdr *uh = udp_hdr(skb);
- if (uh == NULL)
- break;
ad->u.net->sport = uh->source;
ad->u.net->dport = uh->dest;
@@ -77,8 +70,6 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_DCCP: {
struct dccp_hdr *dh = dccp_hdr(skb);
- if (dh == NULL)
- break;
ad->u.net->sport = dh->dccph_sport;
ad->u.net->dport = dh->dccph_dport;
@@ -86,8 +77,7 @@ int ipv4_skb_to_auditdata(struct sk_buff *skb,
}
case IPPROTO_SCTP: {
struct sctphdr *sh = sctp_hdr(skb);
- if (sh == NULL)
- break;
+
ad->u.net->sport = sh->source;
ad->u.net->dport = sh->dest;
break;
@@ -115,8 +105,6 @@ int ipv6_skb_to_auditdata(struct sk_buff *skb,
__be16 frag_off;
ip6 = ipv6_hdr(skb);
- if (ip6 == NULL)
- return -EINVAL;
ad->u.net->v6info.saddr = ip6->saddr;
ad->u.net->v6info.daddr = ip6->daddr;
/* IPv6 can have several extension header before the Transport header
--
2.17.1
On Tue, Jun 14, 2022 at 8:13 AM Xiu Jianfeng <[email protected]> wrote:
>
> The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
> they will never return NULL, and elsewhere user don't do the check
> as well, so remove the check here.
>
> Signed-off-by: Xiu Jianfeng <[email protected]>
> ---
> security/lsm_audit.c | 14 +-------------
> 1 file changed, 1 insertion(+), 13 deletions(-)
Reviewed-by: Paul Moore <[email protected]>
--
paul-moore.com
Hi,
在 2022/6/15 10:07, Paul Moore 写道:
> On Tue, Jun 14, 2022 at 8:13 AM Xiu Jianfeng <[email protected]> wrote:
>> The implements of {ip,tcp,udp,dccp,sctp,ipv6}_hdr(skb) guarantee that
>> they will never return NULL, and elsewhere user don't do the check
>> as well, so remove the check here.
>>
>> Signed-off-by: Xiu Jianfeng <[email protected]>
>> ---
>> security/lsm_audit.c | 14 +-------------
>> 1 file changed, 1 insertion(+), 13 deletions(-)
> Reviewed-by: Paul Moore <[email protected]>
Thanks for the review, and kindly ping here ...