[PATCH 2/7] audit: cull redundancy in audit_rule_change
Eric Paris
eparis at redhat.com
Fri Oct 10 19:09:02 UTC 2014
On Thu, 2014-10-02 at 22:05 -0400, Richard Guy Briggs wrote:
> Re-factor audit_rule_change() to reduce the amount of code redundancy and
> simplify the logic.
>
> Signed-off-by: Richard Guy Briggs <rgb at redhat.com>
> ---
> kernel/auditfilter.c | 20 +++++++-------------
> 1 files changed, 7 insertions(+), 13 deletions(-)
>
> diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
> index 4a11697..e3378a4 100644
> --- a/kernel/auditfilter.c
> +++ b/kernel/auditfilter.c
> @@ -1064,30 +1064,24 @@ int audit_rule_change(int type, __u32 portid, int seq, void *data,
> int err = 0;
> struct audit_entry *entry;
>
> + entry = audit_data_to_entry(data, datasz);
> + if (IS_ERR(entry))
> + return PTR_ERR(entry);
> +
> switch (type) {
> case AUDIT_ADD_RULE:
> - entry = audit_data_to_entry(data, datasz);
> - if (IS_ERR(entry))
> - return PTR_ERR(entry);
> -
> err = audit_add_rule(entry);
> audit_log_rule_change("add_rule", &entry->rule, !err);
> - if (err)
> - audit_free_rule(entry);
> break;
> case AUDIT_DEL_RULE:
> - entry = audit_data_to_entry(data, datasz);
> - if (IS_ERR(entry))
> - return PTR_ERR(entry);
> -
> err = audit_del_rule(entry);
> audit_log_rule_change("remove_rule", &entry->rule, !err);
> - audit_free_rule(entry);
> break;
> - default:
> - return -EINVAL;

I left the default case and made it:

	err = -EINVAL;
	WARN_ON(1);

Seemed like better defensive coding....

> }
>
> + if (err || type == AUDIT_DEL_RULE)
> + audit_free_rule(entry);
> +
> return err;
> }
>
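
Review bot: With the default case dropped at the end of the switch, an unrecognised type now leaves err at 0, so the function returns success instead of -EINVAL, and the entry returned by audit_data_to_entry() is never released because the final check only frees on err or type == AUDIT_DEL_RULE. Keep a default case that sets err = -EINVAL so the common audit_free_rule(entry) path covers it. Since audit_data_to_entry(data, datasz) now runs before type is examined, a comment stating that callers only pass AUDIT_ADD_RULE or AUDIT_DEL_RULE would also document why parsing first is acceptable.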