module: only handle errors with the *switch* statement in module_sig_check()

Let's handle the successful call of mod_verify_sig() right after that call,
making the *switch* statement only handle the real errors, and then move
the comment from the first *case* before *switch* itself and the comment
before *default* after it.  Fix the comment style, add article/comma/dash,
spell out "nomem" as "lack of memory" in these comments, while at it...

Suggested-by: Joe Perches <joe@perches.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru>
Signed-off-by: Jessica Yu <jeyu@kernel.org>

diff --git a/kernel/module.c b/kernel/module.c
index 02b87bc..948d4bb 100644 (file)
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2895,17 +2895,18 @@ static int module_sig_check(struct load_info *info, int flags)
                /* We truncate the module to discard the signature */
                info->len -= markerlen;
                err = mod_verify_sig(mod, info);
+               if (!err) {
+                       info->sig_ok = true;
+                       return 0;
+               }
        }
 
+       /*
+        * We don't permit modules to be loaded into the trusted kernels
+        * without a valid signature on them, but if we're not enforcing,
+        * certain errors are non-fatal.
+        */
        switch (err) {
-       case 0:
-               info->sig_ok = true;
-               return 0;
-
-               /* We don't permit modules to be loaded into trusted kernels
-                * without a valid signature on them, but if we're not
-                * enforcing, certain errors are non-fatal.
-                */
        case -ENODATA:
                reason = "unsigned module";
                break;
@@ -2916,11 +2917,12 @@ static int module_sig_check(struct load_info *info, int flags)
                reason = "module with unavailable key";
                break;
 
-               /* All other errors are fatal, including nomem, unparseable
-                * signatures and signature check failures - even if signatures
-                * aren't required.
-                */
        default:
+               /*
+                * All other errors are fatal, including lack of memory,
+                * unparseable signatures, and signature check failures --
+                * even if signatures aren't required.
+                */
                return err;
        }