Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp170585imm;
        Thu, 10 May 2018 17:57:20 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZpQtVrXDpcFYUL2w5nkje3oadefXFlFFuJhqOoOG3XKD7VVKvjm5lUtr/2SnUjaMGpQEtjd
X-Received: by 2002:a63:696:: with SMTP id 144-v6mr2818731pgg.212.1526000239983;
        Thu, 10 May 2018 17:57:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1526000239; cv=none;
        d=google.com; s=arc-20160816;
        b=y1nXs+LaRv6A1HnlCSO7Cov6UBhVLDGdR99f3OEgQNjCXUSxK3Q/sUIaxV1St3RquX
         jXSrETogE4JxAEjiL50vwhqQ3bOz2SkBU0AIVRG68NZFl+4naeJnDXH6TrV/PHQEClJX
         q4NS/QWo5fSvHrEIGAFE+95M27yL12tDjhsbxtRBWZAkQrYkwU3bDG62CqfesdFy1Fpm
         qqkM1+0236uKxkkaA5y9WyoLU94KyUc+gQdpnIOHYJsFmsOxaviFpVzH/4mLAkl8uHOH
         h6WnxtqAOR8h27TIyM+fphS9/jMCvnZjLZBUFJyjEXryDPNSdYxEP9AkOfNU7ywdotrU
         pQyQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:to:subject:dkim-signature
         :arc-authentication-results;
        bh=edu8+JIS5PRcUDy3XlAruNB7oD8g16GgCGuEiflJUv4=;
        b=YfH4VnVekeDcUj+8dW7x305KpHNOe4a4r0m8a3diTsW1nNVjkn5N8dyXz3duuQe48W
         cC4ufq4dVVlrRL0d/7KwE/u9ul4YcG90xy+x3xBL+X1WueRQYRKG2fhrglGG6CSNBB1F
         GCOdxytYoC7U4DwCPtNchMqnmWrhwls+4sF9FcYlNWKzV3bXSBqmD9im1iGFV4yH/d+y
         /MwozPNabAg/A5e3Qcx5r1O/HL18eo4UgyNBuuLxb+Cv4NsjLYcqO6KBJvKDtlNqXDWc
         3vLanNGSubiz+5fn3Dez+WYzyijO1+/3pFTeg9vc1/81evWn6ZN94Cm86i/qQ1qm5ChT
         wypQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@yahoo.com header.s=s2048 header.b=TRO+1/Ab;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l81-v6si2036058pfj.127.2018.05.10.17.57.05;
        Thu, 10 May 2018 17:57:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@yahoo.com header.s=s2048 header.b=TRO+1/Ab;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752467AbeEKAzP (ORCPT <rfc822;zxj546700287@gmail.com>
        + 99 others); Thu, 10 May 2018 20:55:15 -0400
Received: from sonic311-29.consmr.mail.ne1.yahoo.com ([66.163.188.210]:39160
        "EHLO sonic311-29.consmr.mail.ne1.yahoo.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1752033AbeEKAzL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 10 May 2018 20:55:11 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1526000110; bh=edu8+JIS5PRcUDy3XlAruNB7oD8g16GgCGuEiflJUv4=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=TRO+1/AbgA8V+1edc6eDUIkdVheTEc4HfHndUf4q5D7lksjV3yr5zi1eV4F0amO0KynVWXX9AgCe5/Nm+cYligj3TZjXfKlRTRJfd3i6UvmERWwaS0AQVLSjgfQYfa4kSvIbL48kMOFZCs0za4Utot1X9gCwkmFmB9BMoxRhTzxVy/EEedBSRuvbujhiLYloAl6onRkyMz/LR6rWvzPbXZpQElOSj4cRLwKHrnkGgDzDSZ2mFvFC+D8EmDQewNG92aNSDHBJBndGvtDbLE8JDVSrDSZrulHB7PX6Q7XygHOCwugFxESt8bK46P7ZlcfkRLSbvUDjnmv3dhU4+dw5Uw==
X-YMail-OSG: u3wPdm0VM1lWm1fciywA9LCIHdzZ5HiDr7gwmiZ1HI5t3hDhCjcX48ZDQqaadCR
 E531Aah4QdGbZ5w64sE8hIuWhHBbNa8nmZbjqKIaBadRfjOhsiI9WMPwBe1G9qIF2fDLybmC2FCX
 uBjSVU0jsR2ZKpxJ18Mb92KoVzCkRG6ygcFjbNiV_GK4TafHStmaEBD0pmKhmNWcLBXCMPeTD_dq
 rt4qaZ9gcIz7kaA8bs0o855bEu5aqvy5jIQm0coYoDGmIe1I7CpqS0fpkYhgWaweqKUoYU7dDVx4
 n7POL8g.k2iNDcbhbQN15nKIWJNLTvH9t4YooIFmdQJbxzImDB2iR7yVlpiWI0au04w0RfZETX_0
 SRiVGPRRXXlKyvpmi_ffHZh4f1.LznvS1XHytv8N8kZ4YJYFTjcAh1148lSL9ktX7yWiyoBCBprT
 NCFTuCgLS9L46zVKTEENCW_WDNhaIY8m3E6LvgupMR2rE5Z7l4sMcNOGVDOX6e1ntpZsefiRHfQ9
 EvuVXjavR6MU03_weDHqWjGJiSPpGTEbXskDDOFH_WtLHqdOZ_P9ZSMv2Q4MlJHOpUDiBizofj2T
 SjFhwCJSBuXu7C6bhOEUMFXA5ken9zpN9HFlhcYh7NiHk1ATrfEpGSpxQtZ6So597dVQ33GL44tb
 TWbs-
Received: from sonic.gate.mail.ne1.yahoo.com by sonic311.consmr.mail.ne1.yahoo.com with HTTP; Fri, 11 May 2018 00:55:10 +0000
Received: from c-67-169-65-224.hsd1.ca.comcast.net (EHLO [192.168.0.105]) ([67.169.65.224])
          by smtp415.mail.ne1.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 26f0b24d8d8b6e1a332ce0df854da6ac;
          Fri, 11 May 2018 00:55:10 +0000 (UTC)
Subject: [PATCH 15/23] LSM: Mark security blob allocation failures as unlikely
To:     LSM <linux-security-module@vger.kernel.org>,
        LKLM <linux-kernel@vger.kernel.org>,
        Paul Moore <paul@paul-moore.com>,
        Stephen Smalley <sds@tycho.nsa.gov>,
        SE Linux <selinux@tycho.nsa.gov>,
        "SMACK-discuss@lists.01.org" <SMACK-discuss@lists.01.org>,
        John Johansen <john.johansen@canonical.com>,
        Kees Cook <keescook@chromium.org>,
        Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>,
        James Morris <jmorris@namei.org>
References: <7e8702ce-2598-e0a3-31a2-bc29157fb73d@schaufler-ca.com>
From:   Casey Schaufler <casey@schaufler-ca.com>
Message-ID: <2e03ca7d-35b7-4af0-a328-ad280a59f001@schaufler-ca.com>
Date:   Thu, 10 May 2018 17:55:06 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <7e8702ce-2598-e0a3-31a2-bc29157fb73d@schaufler-ca.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Casey Schaufler <casey@schaufler-ca.com>
Date: Thu, 10 May 2018 14:33:57 -0700
Subject: [PATCH 15/23] LSM: Mark security blob allocation failures as unlikely

The allocation of security blobs is unlikely to fail.
Mark the checks thus for performance reasons.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
 security/security.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/security.c b/security/security.c
index 359ed1137c00..412dba75da65 100644
--- a/security/security.c
+++ b/security/security.c
@@ -1245,7 +1245,7 @@ int security_file_alloc(struct file *file)
 {
 	int rc = lsm_file_alloc(file);
 
-	if (rc)
+	if (unlikely(rc))
 		return rc;
 	rc = call_int_hook(file_alloc_security, 0, file);
 	if (unlikely(rc))
@@ -1368,7 +1368,7 @@ int security_task_alloc(struct task_struct *task, unsigned long clone_flags)
 {
 	int rc = lsm_task_alloc(task);
 
-	if (rc)
+	if (unlikely(rc))
 		return rc;
 	rc = call_int_hook(task_alloc, 0, task, clone_flags);
 	if (unlikely(rc))
@@ -1388,7 +1388,7 @@ int security_cred_alloc_blank(struct cred *cred, gfp_t gfp)
 {
 	int rc = lsm_cred_alloc(cred, gfp);
 
-	if (rc)
+	if (unlikely(rc))
 		return rc;
 
 	rc = call_int_hook(cred_alloc_blank, 0, cred, gfp);
@@ -1409,7 +1409,7 @@ int security_prepare_creds(struct cred *new, const struct cred *old, gfp_t gfp)
 {
 	int rc = lsm_cred_alloc(new, gfp);
 
-	if (rc)
+	if (unlikely(rc))
 		return rc;
 
 	rc = call_int_hook(cred_prepare, 0, new, old, gfp);
-- 
2.14.3