2010/8/27 KaiGai Kohei <kaigai@xxxxxxxxxxxxx>: > I revised the /selinux/status implementation. > > * It becomes to report 'deny_unknown'. Userspace object manager > also reference this flag to decide its behavior when the loaded > policy does not support expected object classes. > * It provided PAGE_READONLY to remap_pfn_range() as page protection > flag independent from argument of mmap(2), but it was uncommon. > I fixed to pass vma->vm_page_prot instead of the hardwired flag > according to any other implementation style. > Now it returns an error, if user tries to map /selinux/status as > writable pages. I really hate blowing 4k of memory on every system to show 40 bytes of data on just a few systems. Is there any change we could allocate the page the first time it is needed rather that at boot? I know compared to the size of policy and other memory usage in SELinux it's odd for me to complain, but I've decided to get on a reduction if possible kick. Only other comment is that __initcall() is deprecated and we are supposed to use device_initcall() now. If you plan to use it, I'll ack if you change both of those things.... -Eric -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
