diff options
author | Christian Brauner <brauner@kernel.org> | 2022-10-28 15:41:31 +0200 |
---|---|---|
committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-10-28 15:41:31 +0200 |
commit | 16257cf6658d5bde2a055caf48f143c255abade7 (patch) | |
tree | 92ea0f9cfbe25ea12e41edc7f3bcbffdce036623 /security/integrity/evm | |
parent | cifs: check whether acl is valid early (diff) | |
download | linux-16257cf6658d5bde2a055caf48f143c255abade7.tar.xz linux-16257cf6658d5bde2a055caf48f143c255abade7.zip |
evm: remove dead code in evm_inode_set_acl()
When evm_status is INTEGRITY_PASS then this function returns early and so
later codepaths that check for evm_status != INTEGRITY_PASS can be removed
as they are dead code.
Fixes: e61b135f7bfe ("integrity: implement get and set acl hook")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Diffstat (limited to 'security/integrity/evm')
-rw-r--r-- | security/integrity/evm/evm_main.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index e074c2b4d499..e01cfd4ad896 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -678,13 +678,12 @@ int evm_inode_set_acl(struct user_namespace *mnt_userns, struct dentry *dentry, !evm_inode_set_acl_change(mnt_userns, dentry, acl_name, kacl)) return 0; - if (evm_status != INTEGRITY_PASS && - evm_status != INTEGRITY_PASS_IMMUTABLE) + if (evm_status != INTEGRITY_PASS_IMMUTABLE) integrity_audit_msg(AUDIT_INTEGRITY_METADATA, d_backing_inode(dentry), dentry->d_name.name, "appraise_metadata", integrity_status_msg[evm_status], -EPERM, 0); - return evm_status == INTEGRITY_PASS ? 0 : -EPERM; + return -EPERM; } static void evm_reset_status(struct inode *inode) |