From: Sergey Shtylyov <s.shtylyov@omprussia.ru>
Date: Sat, 31 Oct 2020 20:10:28 +0000 (+0300)
Subject: module: only handle errors with the *switch* statement in module_sig_check()
X-Git-Tag: accepted/tizen/unified/20230118.172025~8230^2~11
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=076aa52e402185e1e347bf5c62c61c6388fce4c7;p=platform%2Fkernel%2Flinux-rpi.git

module: only handle errors with the *switch* statement in module_sig_check()

Let's handle the successful call of mod_verify_sig() right after that call,
making the *switch* statement only handle the real errors, and then move
the comment from the first *case* before *switch* itself and the comment
before *default* after it.  Fix the comment style, add article/comma/dash,
spell out "nomem" as "lack of memory" in these comments, while at it...

Suggested-by: Joe Perches <joe@perches.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru>
Signed-off-by: Jessica Yu <jeyu@kernel.org>
---

diff --git a/kernel/module.c b/kernel/module.c
index 02b87bc..948d4bb 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2895,17 +2895,18 @@ static int module_sig_check(struct load_info *info, int flags)
 		/* We truncate the module to discard the signature */
 		info->len -= markerlen;
 		err = mod_verify_sig(mod, info);
+		if (!err) {
+			info->sig_ok = true;
+			return 0;
+		}
 	}
 
+	/*
+	 * We don't permit modules to be loaded into the trusted kernels
+	 * without a valid signature on them, but if we're not enforcing,
+	 * certain errors are non-fatal.
+	 */
 	switch (err) {
-	case 0:
-		info->sig_ok = true;
-		return 0;
-
-		/* We don't permit modules to be loaded into trusted kernels
-		 * without a valid signature on them, but if we're not
-		 * enforcing, certain errors are non-fatal.
-		 */
 	case -ENODATA:
 		reason = "unsigned module";
 		break;
@@ -2916,11 +2917,12 @@ static int module_sig_check(struct load_info *info, int flags)
 		reason = "module with unavailable key";
 		break;
 
-		/* All other errors are fatal, including nomem, unparseable
-		 * signatures and signature check failures - even if signatures
-		 * aren't required.
-		 */
 	default:
+		/*
+		 * All other errors are fatal, including lack of memory,
+		 * unparseable signatures, and signature check failures --
+		 * even if signatures aren't required.
+		 */
 		return err;
 	}