Re: [PATCH] Kernel: Improvement in code readability when memdup_user_nul() fails.

From: Serge E. Hallyn
Date: Fri Nov 11 2016 - 10:40:05 EST


On Fri, Nov 11, 2016 at 02:37:15PM +0530, Sachin Shukla wrote:
> From: "Sachin Shukla" <sachin.s5@xxxxxxxxxxx>
>
> There is no need to call kfree() if memdup_user_nul() fails, as no memory
> was allocated and the error in the error-valued pointer should be returned.

Hi,

in general, having a common exit path is considered more readable,
more easily reviewable, than having more exit paths. To this end,
initializing pointers to NULL and kfree()ing them at common exit
paths even when they may not have been alloc()ed yet is also often
seen as more readable.

> Signed-off-by: Sachin Shukla <sachin.s5@xxxxxxxxxxx>

I do appreciate the work, and I recognize these things can be subjective,
but I would say

Nacked-by: Serge Hallyn <serge@xxxxxxxxxx>

> ---
> kernel/user_namespace.c | 25 ++++++++++++++-----------
> 1 file changed, 14 insertions(+), 11 deletions(-)
>
> diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
> index 86b7854..a0ffbf0 100644
> --- a/kernel/user_namespace.c
> +++ b/kernel/user_namespace.c
> @@ -672,28 +672,31 @@ static ssize_t map_write(struct file *file, const char __user *buf,
> */
> mutex_lock(&userns_state_mutex);
>
> - ret = -EPERM;
> /* Only allow one successful write to the map */
> - if (map->nr_extents != 0)
> - goto out;
> + if (map->nr_extents != 0) {
> + mutex_unlock(&userns_state_mutex);
> + return -EPERM;
> + }
>
> /*
> * Adjusting namespace settings requires capabilities on the target.
> */
> - if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN))
> - goto out;
> + if (cap_valid(cap_setid) && !file_ns_capable(file, ns, CAP_SYS_ADMIN)) {
> + mutex_unlock(&userns_state_mutex);
> + return -EPERM;
> + }
>
> /* Only allow < page size writes at the beginning of the file */
> - ret = -EINVAL;
> - if ((*ppos != 0) || (count >= PAGE_SIZE))
> - goto out;
> + if ((*ppos != 0) || (count >= PAGE_SIZE)) {
> + mutex_unlock(&userns_state_mutex);
> + return -EINVAL;
> + }
>
> /* Slurp in the user data */
> kbuf = memdup_user_nul(buf, count);
> if (IS_ERR(kbuf)) {
> - ret = PTR_ERR(kbuf);
> - kbuf = NULL;
> - goto out;
> + mutex_unlock(&userns_state_mutex);
> + return PTR_ERR(kbuf);
> }
>
> /* Parse the user data */
> --
> 1.7.9.5