module: only handle errors with the *switch* statement in module_sig_check() (076aa52e) · Commits · 戴 / test

Let's handle the successful call of mod_verify_sig() right after that call, making the *switch* statement only handle the real errors, and then move the comment from the first *case* before *switch* itself and the comment before *default* after it. Fix the comment style, add article/comma/dash, spell out "nomem" as "lack of memory" in these comments, while at it... Suggested-by:

Joe Perches <joe@perches.com> Reviewed-by:

Miroslav Benes <mbenes@suse.cz> Signed-off-by:

Sergey Shtylyov <s.shtylyov@omprussia.ru> Signed-off-by:

Jessica Yu <jeyu@kernel.org>

kernel/module.c

+14 −12

Original line number	Diff line number	Diff line
		@@ -2895,17 +2895,18 @@ static int module_sig_check(struct load_info *info, int flags)
		/* We truncate the module to discard the signature */
		info->len -= markerlen;
		err = mod_verify_sig(mod, info);
		}

		switch (err) {
		case 0:
		if (!err) {
		info->sig_ok = true;
		return 0;
		}
		}

		/* We don't permit modules to be loaded into trusted kernels
		* without a valid signature on them, but if we're not
		* enforcing, certain errors are non-fatal.
		/*
		* We don't permit modules to be loaded into the trusted kernels
		* without a valid signature on them, but if we're not enforcing,
		* certain errors are non-fatal.
		*/
		switch (err) {
		case -ENODATA:
		reason = "unsigned module";
		break;
		@@ -2916,11 +2917,12 @@ static int module_sig_check(struct load_info *info, int flags)
		reason = "module with unavailable key";
		break;

		/* All other errors are fatal, including nomem, unparseable
		* signatures and signature check failures - even if signatures
		* aren't required.
		*/
		default:
		/*
		* All other errors are fatal, including lack of memory,
		* unparseable signatures, and signature check failures --
		* even if signatures aren't required.
		*/
		return err;
		}

Admin message