selinux: simple cleanup for cond_read_node()

The node->cur_state and len can be read in a single call of next_entry().
And setting len before reading is a dead write so can be eliminated.

Signed-off-by: Namhyung Kim <namhyung@kernel.org>
(Minor tweak to the length parameter in the call to next_entry())
Signed-off-by: Paul Moore <pmoore@redhat.com>

diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 377d148..f09cc72 100644 (file)
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -402,19 +402,14 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp)
        int rc;
        struct cond_expr *expr = NULL, *last = NULL;
 
-       rc = next_entry(buf, fp, sizeof(u32));
+       rc = next_entry(buf, fp, sizeof(u32) * 2);
        if (rc)
                return rc;
 
        node->cur_state = le32_to_cpu(buf[0]);
 
-       len = 0;
-       rc = next_entry(buf, fp, sizeof(u32));
-       if (rc)
-               return rc;
-
        /* expr */
-       len = le32_to_cpu(buf[0]);
+       len = le32_to_cpu(buf[1]);
 
        for (i = 0; i < len; i++) {
                rc = next_entry(buf, fp, sizeof(u32) * 2);