module: only handle errors with the *switch* statement in module_sig_check()

Let's handle the successful call of mod_verify_sig() right after that call,
making the *switch* statement only handle the real errors, and then move
the comment from the first *case* before *switch* itself and the comment
before *default* after it.  Fix the comment style, add article/comma/dash,
spell out "nomem" as "lack of memory" in these comments, while at it...

Suggested-by: Joe Perches <joe@perches.com>
Reviewed-by: Miroslav Benes <mbenes@suse.cz>
Signed-off-by: Sergey Shtylyov <s.shtylyov@omprussia.ru>
Signed-off-by: Jessica Yu <jeyu@kernel.org>

kernel/module.c

@@ -2895,17 +2895,18 @@ static int module_sig_check(struct load_info *info, int flags)
 		/* We truncate the module to discard the signature */
 		info->len -= markerlen;
 		err = mod_verify_sig(mod, info);
-	}
+		if (!err) {
-
-	switch (err) {
-	case 0:
 			info->sig_ok = true;
 			return 0;
+		}
+	}
 
-		/* We don't permit modules to be loaded into trusted kernels
+	/*
-		 * without a valid signature on them, but if we're not
+	 * We don't permit modules to be loaded into the trusted kernels
-		 * enforcing, certain errors are non-fatal.
+	 * without a valid signature on them, but if we're not enforcing,
+	 * certain errors are non-fatal.
 	 */
+	switch (err) {
 	case -ENODATA:
 		reason = "unsigned module";
 		break;
@@ -2916,11 +2917,12 @@ static int module_sig_check(struct load_info *info, int flags)
 		reason = "module with unavailable key";
 		break;
 
-		/* All other errors are fatal, including nomem, unparseable
-		 * signatures and signature check failures - even if signatures
-		 * aren't required.
-		 */
 	default:
+		/*
+		 * All other errors are fatal, including lack of memory,
+		 * unparseable signatures, and signature check failures --
+		 * even if signatures aren't required.
+		 */
 		return err;
 	}