Commit acdf52d9 authored by Kent Overstreet's avatar Kent Overstreet Committed by Linus Torvalds

selinux: convert to kvmalloc

The flex arrays were being used for constant sized arrays, so there's no
benefit to using flex_arrays over something simpler.

Link: http://lkml.kernel.org/r/20181217131929.11727-4-kent.overstreet@gmail.comSigned-off-by: default avatarKent Overstreet <kent.overstreet@gmail.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Eric Paris <eparis@parisplace.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Cc: Pravin B Shelar <pshelar@ovn.org>
Cc: Shaohua Li <shli@kernel.org>
Cc: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent b330e6a4
...@@ -93,12 +93,10 @@ avtab_insert_node(struct avtab *h, int hvalue, ...@@ -93,12 +93,10 @@ avtab_insert_node(struct avtab *h, int hvalue,
newnode->next = prev->next; newnode->next = prev->next;
prev->next = newnode; prev->next = newnode;
} else { } else {
newnode->next = flex_array_get_ptr(h->htable, hvalue); struct avtab_node **n = &h->htable[hvalue];
if (flex_array_put_ptr(h->htable, hvalue, newnode,
GFP_KERNEL|__GFP_ZERO)) { newnode->next = *n;
kmem_cache_free(avtab_node_cachep, newnode); *n = newnode;
return NULL;
}
} }
h->nel++; h->nel++;
...@@ -111,11 +109,11 @@ static int avtab_insert(struct avtab *h, struct avtab_key *key, struct avtab_dat ...@@ -111,11 +109,11 @@ static int avtab_insert(struct avtab *h, struct avtab_key *key, struct avtab_dat
struct avtab_node *prev, *cur, *newnode; struct avtab_node *prev, *cur, *newnode;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->htable) if (!h)
return -EINVAL; return -EINVAL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
for (prev = NULL, cur = flex_array_get_ptr(h->htable, hvalue); for (prev = NULL, cur = h->htable[hvalue];
cur; cur;
prev = cur, cur = cur->next) { prev = cur, cur = cur->next) {
if (key->source_type == cur->key.source_type && if (key->source_type == cur->key.source_type &&
...@@ -156,10 +154,10 @@ avtab_insert_nonunique(struct avtab *h, struct avtab_key *key, struct avtab_datu ...@@ -156,10 +154,10 @@ avtab_insert_nonunique(struct avtab *h, struct avtab_key *key, struct avtab_datu
struct avtab_node *prev, *cur; struct avtab_node *prev, *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->htable) if (!h)
return NULL; return NULL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
for (prev = NULL, cur = flex_array_get_ptr(h->htable, hvalue); for (prev = NULL, cur = h->htable[hvalue];
cur; cur;
prev = cur, cur = cur->next) { prev = cur, cur = cur->next) {
if (key->source_type == cur->key.source_type && if (key->source_type == cur->key.source_type &&
...@@ -186,11 +184,11 @@ struct avtab_datum *avtab_search(struct avtab *h, struct avtab_key *key) ...@@ -186,11 +184,11 @@ struct avtab_datum *avtab_search(struct avtab *h, struct avtab_key *key)
struct avtab_node *cur; struct avtab_node *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->htable) if (!h)
return NULL; return NULL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
for (cur = flex_array_get_ptr(h->htable, hvalue); cur; for (cur = h->htable[hvalue]; cur;
cur = cur->next) { cur = cur->next) {
if (key->source_type == cur->key.source_type && if (key->source_type == cur->key.source_type &&
key->target_type == cur->key.target_type && key->target_type == cur->key.target_type &&
...@@ -222,11 +220,11 @@ avtab_search_node(struct avtab *h, struct avtab_key *key) ...@@ -222,11 +220,11 @@ avtab_search_node(struct avtab *h, struct avtab_key *key)
struct avtab_node *cur; struct avtab_node *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD); u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
if (!h || !h->htable) if (!h)
return NULL; return NULL;
hvalue = avtab_hash(key, h->mask); hvalue = avtab_hash(key, h->mask);
for (cur = flex_array_get_ptr(h->htable, hvalue); cur; for (cur = h->htable[hvalue]; cur;
cur = cur->next) { cur = cur->next) {
if (key->source_type == cur->key.source_type && if (key->source_type == cur->key.source_type &&
key->target_type == cur->key.target_type && key->target_type == cur->key.target_type &&
...@@ -281,11 +279,11 @@ void avtab_destroy(struct avtab *h) ...@@ -281,11 +279,11 @@ void avtab_destroy(struct avtab *h)
int i; int i;
struct avtab_node *cur, *temp; struct avtab_node *cur, *temp;
if (!h || !h->htable) if (!h)
return; return;
for (i = 0; i < h->nslot; i++) { for (i = 0; i < h->nslot; i++) {
cur = flex_array_get_ptr(h->htable, i); cur = h->htable[i];
while (cur) { while (cur) {
temp = cur; temp = cur;
cur = cur->next; cur = cur->next;
...@@ -295,7 +293,7 @@ void avtab_destroy(struct avtab *h) ...@@ -295,7 +293,7 @@ void avtab_destroy(struct avtab *h)
kmem_cache_free(avtab_node_cachep, temp); kmem_cache_free(avtab_node_cachep, temp);
} }
} }
flex_array_free(h->htable); kvfree(h->htable);
h->htable = NULL; h->htable = NULL;
h->nslot = 0; h->nslot = 0;
h->mask = 0; h->mask = 0;
...@@ -303,6 +301,7 @@ void avtab_destroy(struct avtab *h) ...@@ -303,6 +301,7 @@ void avtab_destroy(struct avtab *h)
int avtab_init(struct avtab *h) int avtab_init(struct avtab *h)
{ {
kvfree(h->htable);
h->htable = NULL; h->htable = NULL;
h->nel = 0; h->nel = 0;
return 0; return 0;
...@@ -329,8 +328,7 @@ int avtab_alloc(struct avtab *h, u32 nrules) ...@@ -329,8 +328,7 @@ int avtab_alloc(struct avtab *h, u32 nrules)
nslot = MAX_AVTAB_HASH_BUCKETS; nslot = MAX_AVTAB_HASH_BUCKETS;
mask = nslot - 1; mask = nslot - 1;
h->htable = flex_array_alloc(sizeof(struct avtab_node *), nslot, h->htable = kvcalloc(nslot, sizeof(void *), GFP_KERNEL);
GFP_KERNEL | __GFP_ZERO);
if (!h->htable) if (!h->htable)
return -ENOMEM; return -ENOMEM;
...@@ -353,7 +351,7 @@ void avtab_hash_eval(struct avtab *h, char *tag) ...@@ -353,7 +351,7 @@ void avtab_hash_eval(struct avtab *h, char *tag)
max_chain_len = 0; max_chain_len = 0;
chain2_len_sum = 0; chain2_len_sum = 0;
for (i = 0; i < h->nslot; i++) { for (i = 0; i < h->nslot; i++) {
cur = flex_array_get_ptr(h->htable, i); cur = h->htable[i];
if (cur) { if (cur) {
slots_used++; slots_used++;
chain_len = 0; chain_len = 0;
...@@ -646,7 +644,7 @@ int avtab_write(struct policydb *p, struct avtab *a, void *fp) ...@@ -646,7 +644,7 @@ int avtab_write(struct policydb *p, struct avtab *a, void *fp)
return rc; return rc;
for (i = 0; i < a->nslot; i++) { for (i = 0; i < a->nslot; i++) {
for (cur = flex_array_get_ptr(a->htable, i); cur; for (cur = a->htable[i]; cur;
cur = cur->next) { cur = cur->next) {
rc = avtab_write_item(p, cur, fp); rc = avtab_write_item(p, cur, fp);
if (rc) if (rc)
......
...@@ -24,7 +24,6 @@ ...@@ -24,7 +24,6 @@
#define _SS_AVTAB_H_ #define _SS_AVTAB_H_
#include "security.h" #include "security.h"
#include <linux/flex_array.h>
struct avtab_key { struct avtab_key {
u16 source_type; /* source type */ u16 source_type; /* source type */
...@@ -84,11 +83,10 @@ struct avtab_node { ...@@ -84,11 +83,10 @@ struct avtab_node {
}; };
struct avtab { struct avtab {
struct flex_array *htable; struct avtab_node **htable;
u32 nel; /* number of elements */ u32 nel; /* number of elements */
u32 nslot; /* number of hash slots */ u32 nslot; /* number of hash slots */
u32 mask; /* mask to compute hash func */ u32 mask; /* mask to compute hash func */
}; };
int avtab_init(struct avtab *); int avtab_init(struct avtab *);
......
...@@ -195,7 +195,6 @@ int cond_index_bool(void *key, void *datum, void *datap) ...@@ -195,7 +195,6 @@ int cond_index_bool(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct cond_bool_datum *booldatum; struct cond_bool_datum *booldatum;
struct flex_array *fa;
booldatum = datum; booldatum = datum;
p = datap; p = datap;
...@@ -203,10 +202,7 @@ int cond_index_bool(void *key, void *datum, void *datap) ...@@ -203,10 +202,7 @@ int cond_index_bool(void *key, void *datum, void *datap)
if (!booldatum->value || booldatum->value > p->p_bools.nprim) if (!booldatum->value || booldatum->value > p->p_bools.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_BOOLS]; p->sym_val_to_name[SYM_BOOLS][booldatum->value - 1] = key;
if (flex_array_put_ptr(fa, booldatum->value - 1, key,
GFP_KERNEL | __GFP_ZERO))
BUG();
p->bool_val_to_struct[booldatum->value - 1] = booldatum; p->bool_val_to_struct[booldatum->value - 1] = booldatum;
return 0; return 0;
......
...@@ -36,7 +36,6 @@ ...@@ -36,7 +36,6 @@
#include <linux/string.h> #include <linux/string.h>
#include <linux/errno.h> #include <linux/errno.h>
#include <linux/audit.h> #include <linux/audit.h>
#include <linux/flex_array.h>
#include "security.h" #include "security.h"
#include "policydb.h" #include "policydb.h"
...@@ -341,17 +340,14 @@ static int common_index(void *key, void *datum, void *datap) ...@@ -341,17 +340,14 @@ static int common_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct common_datum *comdatum; struct common_datum *comdatum;
struct flex_array *fa;
comdatum = datum; comdatum = datum;
p = datap; p = datap;
if (!comdatum->value || comdatum->value > p->p_commons.nprim) if (!comdatum->value || comdatum->value > p->p_commons.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_COMMONS]; p->sym_val_to_name[SYM_COMMONS][comdatum->value - 1] = key;
if (flex_array_put_ptr(fa, comdatum->value - 1, key,
GFP_KERNEL | __GFP_ZERO))
BUG();
return 0; return 0;
} }
...@@ -359,16 +355,13 @@ static int class_index(void *key, void *datum, void *datap) ...@@ -359,16 +355,13 @@ static int class_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct class_datum *cladatum; struct class_datum *cladatum;
struct flex_array *fa;
cladatum = datum; cladatum = datum;
p = datap; p = datap;
if (!cladatum->value || cladatum->value > p->p_classes.nprim) if (!cladatum->value || cladatum->value > p->p_classes.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_CLASSES];
if (flex_array_put_ptr(fa, cladatum->value - 1, key, p->sym_val_to_name[SYM_CLASSES][cladatum->value - 1] = key;
GFP_KERNEL | __GFP_ZERO))
BUG();
p->class_val_to_struct[cladatum->value - 1] = cladatum; p->class_val_to_struct[cladatum->value - 1] = cladatum;
return 0; return 0;
} }
...@@ -377,7 +370,6 @@ static int role_index(void *key, void *datum, void *datap) ...@@ -377,7 +370,6 @@ static int role_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct role_datum *role; struct role_datum *role;
struct flex_array *fa;
role = datum; role = datum;
p = datap; p = datap;
...@@ -386,10 +378,7 @@ static int role_index(void *key, void *datum, void *datap) ...@@ -386,10 +378,7 @@ static int role_index(void *key, void *datum, void *datap)
|| role->bounds > p->p_roles.nprim) || role->bounds > p->p_roles.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_ROLES]; p->sym_val_to_name[SYM_ROLES][role->value - 1] = key;
if (flex_array_put_ptr(fa, role->value - 1, key,
GFP_KERNEL | __GFP_ZERO))
BUG();
p->role_val_to_struct[role->value - 1] = role; p->role_val_to_struct[role->value - 1] = role;
return 0; return 0;
} }
...@@ -398,7 +387,6 @@ static int type_index(void *key, void *datum, void *datap) ...@@ -398,7 +387,6 @@ static int type_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct type_datum *typdatum; struct type_datum *typdatum;
struct flex_array *fa;
typdatum = datum; typdatum = datum;
p = datap; p = datap;
...@@ -408,15 +396,8 @@ static int type_index(void *key, void *datum, void *datap) ...@@ -408,15 +396,8 @@ static int type_index(void *key, void *datum, void *datap)
|| typdatum->value > p->p_types.nprim || typdatum->value > p->p_types.nprim
|| typdatum->bounds > p->p_types.nprim) || typdatum->bounds > p->p_types.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_TYPES]; p->sym_val_to_name[SYM_TYPES][typdatum->value - 1] = key;
if (flex_array_put_ptr(fa, typdatum->value - 1, key, p->type_val_to_struct_array[typdatum->value - 1] = typdatum;
GFP_KERNEL | __GFP_ZERO))
BUG();
fa = p->type_val_to_struct_array;
if (flex_array_put_ptr(fa, typdatum->value - 1, typdatum,
GFP_KERNEL | __GFP_ZERO))
BUG();
} }
return 0; return 0;
...@@ -426,7 +407,6 @@ static int user_index(void *key, void *datum, void *datap) ...@@ -426,7 +407,6 @@ static int user_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct user_datum *usrdatum; struct user_datum *usrdatum;
struct flex_array *fa;
usrdatum = datum; usrdatum = datum;
p = datap; p = datap;
...@@ -435,10 +415,7 @@ static int user_index(void *key, void *datum, void *datap) ...@@ -435,10 +415,7 @@ static int user_index(void *key, void *datum, void *datap)
|| usrdatum->bounds > p->p_users.nprim) || usrdatum->bounds > p->p_users.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_USERS]; p->sym_val_to_name[SYM_USERS][usrdatum->value - 1] = key;
if (flex_array_put_ptr(fa, usrdatum->value - 1, key,
GFP_KERNEL | __GFP_ZERO))
BUG();
p->user_val_to_struct[usrdatum->value - 1] = usrdatum; p->user_val_to_struct[usrdatum->value - 1] = usrdatum;
return 0; return 0;
} }
...@@ -447,7 +424,6 @@ static int sens_index(void *key, void *datum, void *datap) ...@@ -447,7 +424,6 @@ static int sens_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct level_datum *levdatum; struct level_datum *levdatum;
struct flex_array *fa;
levdatum = datum; levdatum = datum;
p = datap; p = datap;
...@@ -456,10 +432,8 @@ static int sens_index(void *key, void *datum, void *datap) ...@@ -456,10 +432,8 @@ static int sens_index(void *key, void *datum, void *datap)
if (!levdatum->level->sens || if (!levdatum->level->sens ||
levdatum->level->sens > p->p_levels.nprim) levdatum->level->sens > p->p_levels.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_LEVELS];
if (flex_array_put_ptr(fa, levdatum->level->sens - 1, key, p->sym_val_to_name[SYM_LEVELS][levdatum->level->sens - 1] = key;
GFP_KERNEL | __GFP_ZERO))
BUG();
} }
return 0; return 0;
...@@ -469,7 +443,6 @@ static int cat_index(void *key, void *datum, void *datap) ...@@ -469,7 +443,6 @@ static int cat_index(void *key, void *datum, void *datap)
{ {
struct policydb *p; struct policydb *p;
struct cat_datum *catdatum; struct cat_datum *catdatum;
struct flex_array *fa;
catdatum = datum; catdatum = datum;
p = datap; p = datap;
...@@ -477,10 +450,8 @@ static int cat_index(void *key, void *datum, void *datap) ...@@ -477,10 +450,8 @@ static int cat_index(void *key, void *datum, void *datap)
if (!catdatum->isalias) { if (!catdatum->isalias) {
if (!catdatum->value || catdatum->value > p->p_cats.nprim) if (!catdatum->value || catdatum->value > p->p_cats.nprim)
return -EINVAL; return -EINVAL;
fa = p->sym_val_to_name[SYM_CATS];
if (flex_array_put_ptr(fa, catdatum->value - 1, key, p->sym_val_to_name[SYM_CATS][catdatum->value - 1] = key;
GFP_KERNEL | __GFP_ZERO))
BUG();
} }
return 0; return 0;
...@@ -568,35 +539,23 @@ static int policydb_index(struct policydb *p) ...@@ -568,35 +539,23 @@ static int policydb_index(struct policydb *p)
if (!p->user_val_to_struct) if (!p->user_val_to_struct)
return -ENOMEM; return -ENOMEM;
/* Yes, I want the sizeof the pointer, not the structure */ p->type_val_to_struct_array = kvcalloc(p->p_types.nprim,
p->type_val_to_struct_array = flex_array_alloc(sizeof(struct type_datum *), sizeof(*p->type_val_to_struct_array),
p->p_types.nprim, GFP_KERNEL);
GFP_KERNEL | __GFP_ZERO);
if (!p->type_val_to_struct_array) if (!p->type_val_to_struct_array)
return -ENOMEM; return -ENOMEM;
rc = flex_array_prealloc(p->type_val_to_struct_array, 0,
p->p_types.nprim, GFP_KERNEL | __GFP_ZERO);
if (rc)
goto out;
rc = cond_init_bool_indexes(p); rc = cond_init_bool_indexes(p);
if (rc) if (rc)
goto out; goto out;
for (i = 0; i < SYM_NUM; i++) { for (i = 0; i < SYM_NUM; i++) {
p->sym_val_to_name[i] = flex_array_alloc(sizeof(char *), p->sym_val_to_name[i] = kvcalloc(p->symtab[i].nprim,
p->symtab[i].nprim, sizeof(char *),
GFP_KERNEL | __GFP_ZERO); GFP_KERNEL);
if (!p->sym_val_to_name[i]) if (!p->sym_val_to_name[i])
return -ENOMEM; return -ENOMEM;
rc = flex_array_prealloc(p->sym_val_to_name[i],
0, p->symtab[i].nprim,
GFP_KERNEL | __GFP_ZERO);
if (rc)
goto out;
rc = hashtab_map(p->symtab[i].table, index_f[i], p); rc = hashtab_map(p->symtab[i].table, index_f[i], p);
if (rc) if (rc)
goto out; goto out;
...@@ -810,16 +769,13 @@ void policydb_destroy(struct policydb *p) ...@@ -810,16 +769,13 @@ void policydb_destroy(struct policydb *p)
hashtab_destroy(p->symtab[i].table); hashtab_destroy(p->symtab[i].table);
} }
for (i = 0; i < SYM_NUM; i++) { for (i = 0; i < SYM_NUM; i++)
if (p->sym_val_to_name[i]) kvfree(p->sym_val_to_name[i]);
flex_array_free(p->sym_val_to_name[i]);
}
kfree(p->class_val_to_struct); kfree(p->class_val_to_struct);
kfree(p->role_val_to_struct); kfree(p->role_val_to_struct);
kfree(p->user_val_to_struct); kfree(p->user_val_to_struct);
if (p->type_val_to_struct_array) kvfree(p->type_val_to_struct_array);
flex_array_free(p->type_val_to_struct_array);
avtab_destroy(&p->te_avtab); avtab_destroy(&p->te_avtab);
...@@ -872,17 +828,9 @@ void policydb_destroy(struct policydb *p) ...@@ -872,17 +828,9 @@ void policydb_destroy(struct policydb *p)
hashtab_map(p->range_tr, range_tr_destroy, NULL); hashtab_map(p->range_tr, range_tr_destroy, NULL);
hashtab_destroy(p->range_tr); hashtab_destroy(p->range_tr);
if (p->type_attr_map_array) { for (i = 0; i < p->p_types.nprim; i++)
for (i = 0; i < p->p_types.nprim; i++) { ebitmap_destroy(&p->type_attr_map_array[i]);
struct ebitmap *e; kvfree(p->type_attr_map_array);
e = flex_array_get(p->type_attr_map_array, i);
if (!e)
continue;
ebitmap_destroy(e);
}
flex_array_free(p->type_attr_map_array);
}
ebitmap_destroy(&p->filename_trans_ttypes); ebitmap_destroy(&p->filename_trans_ttypes);
ebitmap_destroy(&p->policycaps); ebitmap_destroy(&p->policycaps);
...@@ -1770,8 +1718,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap) ...@@ -1770,8 +1718,7 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
return -EINVAL; return -EINVAL;
} }
upper = flex_array_get_ptr(p->type_val_to_struct_array, upper = p->type_val_to_struct_array[upper->bounds - 1];
upper->bounds - 1);
BUG_ON(!upper); BUG_ON(!upper);
if (upper->attribute) { if (upper->attribute) {
...@@ -2543,23 +2490,15 @@ int policydb_read(struct policydb *p, void *fp) ...@@ -2543,23 +2490,15 @@ int policydb_read(struct policydb *p, void *fp)
if (rc) if (rc)
goto bad; goto bad;
rc = -ENOMEM; p->type_attr_map_array = kvcalloc(p->p_types.nprim,
p->type_attr_map_array = flex_array_alloc(sizeof(struct ebitmap), sizeof(*p->type_attr_map_array),
p->p_types.nprim, GFP_KERNEL);
GFP_KERNEL | __GFP_ZERO);
if (!p->type_attr_map_array) if (!p->type_attr_map_array)
goto bad; goto bad;
/* preallocate so we don't have to worry about the put ever failing */
rc = flex_array_prealloc(p->type_attr_map_array, 0, p->p_types.nprim,
GFP_KERNEL | __GFP_ZERO);
if (rc)
goto bad;
for (i = 0; i < p->p_types.nprim; i++) { for (i = 0; i < p->p_types.nprim; i++) {
struct ebitmap *e = flex_array_get(p->type_attr_map_array, i); struct ebitmap *e = &p->type_attr_map_array[i];
BUG_ON(!e);
ebitmap_init(e); ebitmap_init(e);
if (p->policyvers >= POLICYDB_VERSION_AVTAB) { if (p->policyvers >= POLICYDB_VERSION_AVTAB) {
rc = ebitmap_read(e, fp); rc = ebitmap_read(e, fp);
...@@ -3554,9 +3493,8 @@ int policydb_write(struct policydb *p, void *fp) ...@@ -3554,9 +3493,8 @@ int policydb_write(struct policydb *p, void *fp)
return rc; return rc;
for (i = 0; i < p->p_types.nprim; i++) { for (i = 0; i < p->p_types.nprim; i++) {
struct ebitmap *e = flex_array_get(p->type_attr_map_array, i); struct ebitmap *e = &p->type_attr_map_array[i];
BUG_ON(!e);
rc = ebitmap_write(e, fp); rc = ebitmap_write(e, fp);
if (rc) if (rc)
return rc; return rc;
......
...@@ -24,8 +24,6 @@ ...@@ -24,8 +24,6 @@
#ifndef _SS_POLICYDB_H_ #ifndef _SS_POLICYDB_H_
#define _SS_POLICYDB_H_ #define _SS_POLICYDB_H_
#include <linux/flex_array.h>
#include "symtab.h" #include "symtab.h"
#include "avtab.h" #include "avtab.h"
#include "sidtab.h" #include "sidtab.h"
...@@ -251,13 +249,13 @@ struct policydb { ...@@ -251,13 +249,13 @@ struct policydb {
#define p_cats symtab[SYM_CATS] #define p_cats symtab[SYM_CATS]
/* symbol names indexed by (value - 1) */ /* symbol names indexed by (value - 1) */
struct flex_array *sym_val_to_name[SYM_NUM]; char **sym_val_to_name[SYM_NUM];
/* class, role, and user attributes indexed by (value - 1) */ /* class, role, and user attributes indexed by (value - 1) */
struct class_datum **class_val_to_struct; struct class_datum **class_val_to_struct;
struct role_datum **role_val_to_struct; struct role_datum **role_val_to_struct;
struct user_datum **user_val_to_struct; struct user_datum **user_val_to_struct;
struct flex_array *type_val_to_struct_array; struct type_datum **type_val_to_struct_array;
/* type enforcement access vectors and transitions */ /* type enforcement access vectors and transitions */
struct avtab te_avtab; struct avtab te_avtab;
...@@ -294,7 +292,7 @@ struct policydb { ...@@ -294,7 +292,7 @@ struct policydb {
struct hashtab *range_tr; struct hashtab *range_tr;
/* type -> attribute reverse mapping */ /* type -> attribute reverse mapping */
struct flex_array *type_attr_map_array; struct ebitmap *type_attr_map_array;
struct ebitmap policycaps; struct ebitmap policycaps;
...@@ -369,9 +367,7 @@ static inline int put_entry(const void *buf, size_t bytes, int num, struct polic ...@@ -369,9 +367,7 @@ static inline int put_entry(const void *buf, size_t bytes, int num, struct polic
static inline char *sym_name(struct policydb *p, unsigned int sym_num, unsigned int element_nr) static inline char *sym_name(struct policydb *p, unsigned int sym_num, unsigned int element_nr)
{ {
struct flex_array *fa = p->sym_val_to_name[sym_num]; return p->sym_val_to_name[sym_num][element_nr];
return flex_array_get_ptr(fa, element_nr);
} }
extern u16 string_to_security_class(struct policydb *p, const char *name); extern u16 string_to_security_class(struct policydb *p, const char *name);
......
...@@ -49,7 +49,6 @@ ...@@ -49,7 +49,6 @@
#include <linux/sched.h> #include <linux/sched.h>
#include <linux/audit.h> #include <linux/audit.h>
#include <linux/mutex.h> #include <linux/mutex.h>
#include <linux/flex_array.h>
#include <linux/vmalloc.h> #include <linux/vmalloc.h>
#include <net/netlabel.h> #include <net/netlabel.h>
...@@ -545,15 +544,13 @@ static void type_attribute_bounds_av(struct policydb *policydb, ...@@ -545,15 +544,13 @@ static void type_attribute_bounds_av(struct policydb *policydb,
struct type_datum *target; struct type_datum *target;
u32 masked = 0; u32 masked = 0;
source = flex_array_get_ptr(policydb->type_val_to_struct_array, source = policydb->type_val_to_struct_array[scontext->type - 1];
scontext->type - 1);
BUG_ON(!source); BUG_ON(!source);
if (!source->bounds) if (!source->bounds)
return; return;
target = flex_array_get_ptr(policydb->type_val_to_struct_array, target = policydb->type_val_to_struct_array[tcontext->type - 1];
tcontext->type - 1);
BUG_ON(!target); BUG_ON(!target);
memset(&lo_avd, 0, sizeof(lo_avd)); memset(&lo_avd, 0, sizeof(lo_avd));
...@@ -653,11 +650,9 @@ static void context_struct_compute_av(struct policydb *policydb, ...@@ -653,11 +650,9 @@ static void context_struct_compute_av(struct policydb *policydb,
*/ */
avkey.target_class = tclass; avkey.target_class = tclass;
avkey.specified = AVTAB_AV | AVTAB_XPERMS; avkey.specified = AVTAB_AV | AVTAB_XPERMS;
sattr = flex_array_get(policydb->type_attr_map_array, sattr = &policydb->type_attr_map_array[scontext->type - 1];
scontext->type - 1);
BUG_ON(!sattr); BUG_ON(!sattr);
tattr = flex_array_get(policydb->type_attr_map_array, tattr = &policydb->type_attr_map_array[tcontext->type - 1];
tcontext->type - 1);
BUG_ON(!tattr); BUG_ON(!tattr);
ebitmap_for_each_positive_bit(sattr, snode, i) { ebitmap_for_each_positive_bit(sattr, snode, i) {
ebitmap_for_each_positive_bit(tattr, tnode, j) { ebitmap_for_each_positive_bit(tattr, tnode, j) {
...@@ -900,8 +895,7 @@ int security_bounded_transition(struct selinux_state *state, ...@@ -900,8 +895,7 @@ int security_bounded_transition(struct selinux_state *state,
index = new_context->type; index = new_context->type;
while (true) { while (true) {
type = flex_array_get_ptr(policydb->type_val_to_struct_array, type = policydb->type_val_to_struct_array[index - 1];
index - 1);
BUG_ON(!type); BUG_ON(!type);
/* not bounded anymore */ /* not bounded anymore */
...@@ -1064,11 +1058,9 @@ void security_compute_xperms_decision(struct selinux_state *state, ...@@ -1064,11 +1058,9 @@ void security_compute_xperms_decision(struct selinux_state *state,
avkey.target_class = tclass; avkey.target_class = tclass;
avkey.specified = AVTAB_XPERMS; avkey.specified = AVTAB_XPERMS;
sattr = flex_array_get(policydb->type_attr_map_array, sattr = &policydb->type_attr_map_array[scontext->type - 1];
scontext->type - 1);
BUG_ON(!sattr); BUG_ON(!sattr);
tattr = flex_array_get(policydb->type_attr_map_array, tattr = &policydb->type_attr_map_array[tcontext->type - 1];
tcontext->type - 1);
BUG_ON(!tattr); BUG_ON(!tattr);
ebitmap_for_each_positive_bit(sattr, snode, i) { ebitmap_for_each_positive_bit(sattr, snode, i) {
ebitmap_for_each_positive_bit(tattr, tnode, j) { ebitmap_for_each_positive_bit(tattr, tnode, j) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment