[Devel] [PATCH RHEL7 COMMIT] blk-cbt: Factor out common capability check

[Konstantin Khorenko]

The commit is pushed to "branch-rh7-3.10.0-1160.83.1.vz7.194.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1160.83.1.vz7.194.4
------>
commit c149fb6e2ea179463dacff6062cfbbd919ae18f6
Author: Nikolay Borisov <nikolay.borisov at virtuozzo.com>
Date:   Fri Jan 27 13:34:39 2023 +0200

    blk-cbt: Factor out common capability check
    
    Instead of duplicating CAP_SYS_ADMIN check for every block-cbt ioctl
    apart from BLKCBTGET simply factor out the check in the beginning of
    blk_cbt_ioctl().
    
    Signed-off-by: Nikolay Borisov <nikolay.borisov at virtuozzo.com>
    Reviewed-by: Alexander Atanasov <alexander.atanasov at virtuozzo.com>
---
 block/blk-cbt.c | 23 +++++++++--------------
 1 file changed, 9 insertions(+), 14 deletions(-)

diff --git a/block/blk-cbt.c b/block/blk-cbt.c
index d1eb6ce500e7..21a5d4019ee9 100644
--- a/block/blk-cbt.c
+++ b/block/blk-cbt.c
@@ -822,29 +822,24 @@ static int cbt_ioc_set(struct block_device *bdev, struct blk_user_cbt_info __use
 
 int blk_cbt_ioctl(struct block_device *bdev, unsigned cmd, char __user *arg)
 {
-	struct blk_user_cbt_info __user *ucbt_ioc = (struct blk_user_cbt_info __user *) arg;
+	struct blk_user_cbt_info __user *ucbt_ioc;
+
+	ucbt_ioc = (struct blk_user_cbt_info __user *) arg;
+
+	if (cmd == BLKCBTGET)
+		return cbt_ioc_get(bdev, ucbt_ioc);
+
+	if (!capable(CAP_SYS_ADMIN))
+		return -EACCES;
 
 	switch(cmd) {
 	case BLKCBTSTART:
-		if (!capable(CAP_SYS_ADMIN))
-			return -EACCES;
 		return cbt_ioc_init(bdev, ucbt_ioc);
 	case BLKCBTSTOP:
-		if (!capable(CAP_SYS_ADMIN))
-			return -EACCES;
-
 		return cbt_ioc_stop(bdev);
-	case BLKCBTGET:
-		return cbt_ioc_get(bdev, ucbt_ioc);
 	case BLKCBTSET:
-		if (!capable(CAP_SYS_ADMIN))
-			return -EACCES;
-
 		return cbt_ioc_set(bdev, ucbt_ioc, 1);
 	case BLKCBTCLR:
-		if (!capable(CAP_SYS_ADMIN))
-			return -EACCES;
-
 		return cbt_ioc_set(bdev, ucbt_ioc, 0);
 	default:
 		BUG();