selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests

Through a somewhat convoluted series of changes, we have ended up with multiple unnecessary occurrences of (flags & MAY_NOT_BLOCK) tests in selinux_inode_permission(). Clean it up and simplify. No functional change. Signed-off-by: Stephen Smalley <[email protected]> Signed-off-by: Paul Moore <[email protected]>
josf · Dec 9, 2019 · 5298d0b · 5298d0b
1 parent 0188d5c
commit 5298d0b
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
@@ -3033,7 +3033,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
 	const struct cred *cred = current_cred();
 	u32 perms;
 	bool from_access;
-	unsigned flags = mask & MAY_NOT_BLOCK;
+	bool no_block = mask & MAY_NOT_BLOCK;
 	struct inode_security_struct *isec;
 	u32 sid;
 	struct av_decision avd;
@@ -3055,13 +3055,13 @@ static int selinux_inode_permission(struct inode *inode, int mask)
 	perms = file_mask_to_av(inode->i_mode, mask);
 
 	sid = cred_sid(cred);
-	isec = inode_security_rcu(inode, flags & MAY_NOT_BLOCK);
+	isec = inode_security_rcu(inode, no_block);
 	if (IS_ERR(isec))
 		return PTR_ERR(isec);
 
 	rc = avc_has_perm_noaudit(&selinux_state,
 				  sid, isec->sid, isec->sclass, perms,
-				  (flags & MAY_NOT_BLOCK) ? AVC_NONBLOCKING : 0,
+				  no_block ? AVC_NONBLOCKING : 0,
 				  &avd);
 	audited = avc_audit_required(perms, &avd, rc,
 				     from_access ? FILE__AUDIT_ACCESS : 0,
@@ -3070,7 +3070,7 @@ static int selinux_inode_permission(struct inode *inode, int mask)
 		return rc;
 
 	/* fall back to ref-walk if we have to generate audit */
-	if (flags & MAY_NOT_BLOCK)
+	if (no_block)
 		return -ECHILD;
 
 	rc2 = audit_inode_permission(inode, perms, audited, denied, rc);