Re: [PATCH 00/46] SELinux: Fine-tuning for several function implementations

[Eric Paris]

<opinion from irrelevant person>

All of the patches look good to me except most of those which change
the handling of `rc=`. I have a personal style preference for

rc = -ENOMEM;
val = kalloc();
if (!val)
  goto err;

vs

val = kalloc();
if (!val) {
  rc = -ENOMEM;
  goto err;
}

because it saves 1 line and I think the compiler does the right/same
thing. If there is preference among the people active in selinux
developers (like I said, I'm now irrelevant) I guess they win.

But certainly a big +1 from me for the array allocation and sizeof()
changes.

-Eric

On Sun, 2017-01-15 at 15:55 +0100, SF Markus Elfring wrote:
> From: Markus Elfring <elfring@xxxxxxxxxxxxxxxxxxxxx>
> Date: Sun, 15 Jan 2017 15:15:14 +0100
> 
> Several update suggestions were taken into account
> from static source code analysis.
> 
> Markus Elfring (46):
> Â Use kmalloc_array() in cond_init_bool_indexes()
> Â Delete an unnecessary return statement in cond_compute_av()
> Â Improve size determinations in four functions
> Â Use kmalloc_array() in hashtab_create()
> Â Adjust four checks for null pointers
> Â Use kcalloc() in policydb_index()
> Â Delete unnecessary variable assignments in policydb_index()
> Â Delete an unnecessary return statement in policydb_destroy()
> Â Delete an error message for a failed memory allocation in
> policydb_read()
> Â Move some assignments for the variable "rc" in policydb_read()
> Â Return directly after a failed next_entry() in genfs_read()
> Â Move assignments for two pointers in genfs_read()
> Â Move four assignments for the variable "rc" in genfs_read()
> Â One function call less in genfs_read() after null pointer detection
> Â One check and function call less in genfs_read() after error
> detection
> Â Move two assignments for the variable "rc" in filename_trans_read()
> Â Delete an unnecessary variable assignment in filename_trans_read()
> Â One function call less in filename_trans_read() after error
> detection
> Â Return directly after a failed next_entry() in range_read()
> Â Move four assignments for the variable "rc" in range_read()
> Â Two function calls less in range_read() after error detection
> Â Delete an unnecessary variable initialisation in range_read()
> Â Move an assignment for a pointer in range_read()
> Â Return directly after a failed kzalloc() in cat_read()
> Â Return directly after a failed kzalloc() in sens_read()
> Â Improve another size determination in sens_read()
> Â Move an assignment for the variable "rc" in sens_read()
> Â Return directly after a failed kzalloc() in user_read()
> Â Return directly after a failed kzalloc() in type_read()
> Â Return directly after a failed kzalloc() in role_read()
> Â Move an assignment for the variable "rc" in role_read()
> Â Return directly after a failed kzalloc() in class_read()
> Â Move an assignment for the variable "rc" in class_read()
> Â Return directly after a failed kzalloc() in common_read()
> Â Return directly after a failed kzalloc() in perm_read()
> Â Move an assignment for the variable "rc" in mls_read_range_helper()
> Â Move an assignment for the variable "rc" in policydb_load_isids()
> Â One function call less in five functions after null pointer
> detection
> Â Move two assignments for the variable "rc" in ocontext_read()
> Â Return directly after a failed kzalloc() in roles_init()
> Â Move two assignments for the variable "rc" in roles_init()
> Â One function call less in roles_init() after error detection
> Â Use kmalloc_array() in sidtab_init()
> Â Adjust two checks for null pointers
> Â Use common error handling code in sidtab_insert()
> Â Use seq_puts() in sel_avc_stats_seq_show()
> 
> Âsecurity/selinux/selinuxfs.cÂÂÂÂÂÂ|ÂÂÂ8 +-
> Âsecurity/selinux/ss/conditional.c |ÂÂ14 +--
> Âsecurity/selinux/ss/hashtab.cÂÂÂÂÂ|ÂÂ10 +-
> Âsecurity/selinux/ss/policydb.cÂÂÂÂ| 255 ++++++++++++++++++++------
> ------------
> Âsecurity/selinux/ss/sidtab.cÂÂÂÂÂÂ|ÂÂ22 ++--
> Â5 files changed, 157 insertions(+), 152 deletions(-)
>