selinux: clarify return code in filename_trans_read_helper_compat()

For the "conflicting/duplicate rules" branch in
filename_trans_read_helper_compat() the Smatch static checker reports:

    security/selinux/ss/policydb.c:1953 filename_trans_read_helper_compat()
    warn: missing error code 'rc'

While the value of rc will already always be zero here, it is not
obvious that it's the case and that it's the intended return value
(Smatch expects rc to be assigned within 5 lines from the goto).
Therefore, add an explicit assignment just before the goto to make the
intent more clear and the code less error-prone.

Fixes: c3a276111ea2 ("selinux: optimize storage of filename transitions")
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://lore.kernel.org/selinux/722b90c4-1f4b-42ff-a6c2-108ea262bd10@moroto.mountain/
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>

1 files changed, 1 insertions, 0 deletions

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 9a23362c42f4..383f3ae82a73 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -1950,6 +1950,7 @@ static int filename_trans_read_helper_compat(struct policydb *p, void *fp)
 		if (unlikely(ebitmap_get_bit(&datum->stypes, stype - 1))) {
 			/* conflicting/duplicate rules are ignored */
 			datum = NULL;
+			rc = 0;
 			goto out;
 		}
 		if (likely(datum->otype == otype))