Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp2247628pxx; Sat, 31 Oct 2020 13:14:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyuJwydJkikpBN6/usqsdiyg9zDTHwgrbDqr45I29EK6PcdH1J0OD8YH5BKgIQIgOnPTVRT X-Received: by 2002:a17:906:400f:: with SMTP id v15mr8261817ejj.378.1604175275791; Sat, 31 Oct 2020 13:14:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1604175275; cv=none; d=google.com; s=arc-20160816; b=KyKr5rFr+yuQRf+ycB6QUu1mH8y96/qjQD18bgOcz++xktzeoPfA5/YL2msUgUfIqk 8Pgy/GBswxg5xtJljzdxFxFPtCLYxYn9LDnjs0d5GofeO7H6TsuR+TpHTwKkLCeB8YUM hBfZwKS+IW9DoV6+leiqMaFPdpMhRnhXwmZjmgipZLPSQlHN0Xa6VuBpjqDOZmKIDwOO uhZjmdsHasmhrDnh7J76dhj2X4x+gt0Yg7ORzE8I94N7z8oRN39BuU0eIAOSaOc6mYFr q8X8Ws1nU30Pe6+rc3HcJJR93LIk6JN+nEgQNKXdgXoqX32ltO0A/oBQdD7hBxMnVNXv hFgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:organization :references:cc:to:from:subject:dkim-filter; bh=1hpkWHEwYW5fDVtOjnYCZ3/Efprd0e+zDBnELfy38eM=; b=tTX3K/A948oTN+DN9wQ6wFX38hkCt9QHo3/JSTvEC4Xwwk5ffg5G3y+ULyl0a+81iU cn6w7ySNinIAiA3lg6yeCrhbXBSs4ft7ZE+4pKB+JXbD14nSRxeR+Uv2jCU4uBiv1plJ +zueq7K/IrPKq6IKHZMSUUqK7x6i0jiDR8WxU75RpoIH/sT3d6zxLt0VxCLbb1TB90Fi cWO2Q53deDfQhnv2XxutIyl1GBd3WBzvX2r30AYKbLYuB73Z+k3IcplFiLIVHoXduA2k 4LBMOSHOTTEEBOxTaLeCD2EH6SNDnrX5DXO/K084NS7sCljMYUOFVteVoZJ7qTde2ycm d4WQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=omprussia.ru Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r27si7391197edw.277.2020.10.31.13.14.12; Sat, 31 Oct 2020 13:14:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=omprussia.ru Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728561AbgJaUKb (ORCPT + 99 others); Sat, 31 Oct 2020 16:10:31 -0400 Received: from mxout03.lancloud.ru ([89.108.73.187]:52846 "EHLO mxout03.lancloud.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728451AbgJaUKb (ORCPT ); Sat, 31 Oct 2020 16:10:31 -0400 Received: from LanCloud DKIM-Filter: OpenDKIM Filter v2.11.0 mxout03.lancloud.ru 42D12206646C Received: from LanCloud Received: from LanCloud Received: from LanCloud Subject: [PATCH v2 3/3] module: only handle errors with the *switch* statement in module_sig_check() From: Sergey Shtylyov To: Jessica Yu , CC: Joe Perches References: <22e48a3d-06ee-5b8e-6e56-3694871a7c2f@omprussia.ru> Organization: Open Mobile Platform, LLC Message-ID: Date: Sat, 31 Oct 2020 23:10:28 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.3.1 MIME-Version: 1.0 In-Reply-To: <22e48a3d-06ee-5b8e-6e56-3694871a7c2f@omprussia.ru> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [213.87.129.247] X-ClientProxiedBy: LFEXT01.lancloud.ru (fd00:f066::141) To LFEX1908.lancloud.ru (fd00:f066::208) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Let's handle the successful call of mod_verify_sig() right after that call, making the *switch* statement only handle the real errors, and then move the comment from the first *case* before *switch* itself and the comment before *default* after it. Fix the comment style, add article/comma/dash, spell out "nomem" as "lack of memory" in these comments, while at it... Suggested-by: Joe Perches Signed-off-by: Sergey Shtylyov --- Changes in version 2: - new patch. kernel/module.c | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) Index: linux/kernel/module.c =================================================================== --- linux.orig/kernel/module.c +++ linux/kernel/module.c @@ -2895,17 +2895,18 @@ static int module_sig_check(struct load_ /* We truncate the module to discard the signature */ info->len -= markerlen; err = mod_verify_sig(mod, info); + if (!err) { + info->sig_ok = true; + return 0; + } } + /* + * We don't permit modules to be loaded into the trusted kernels + * without a valid signature on them, but if we're not enforcing, + * certain errors are non-fatal. + */ switch (err) { - case 0: - info->sig_ok = true; - return 0; - - /* We don't permit modules to be loaded into trusted kernels - * without a valid signature on them, but if we're not - * enforcing, certain errors are non-fatal. - */ case -ENODATA: reason = "unsigned module"; break; @@ -2916,11 +2917,12 @@ static int module_sig_check(struct load_ reason = "module with unavailable key"; break; - /* All other errors are fatal, including nomem, unparseable - * signatures and signature check failures - even if signatures - * aren't required. - */ default: + /* + * All other errors are fatal, including lack of memory, + * unparseable signatures, and signature check failures -- + * even if signatures aren't required. + */ return err; }