On 9/17/19 3:20 AM, zhanglin wrote:
remove unecessary multiplications of sel_write_load().
I'm not sure it is really a performance improvement since the compiler
generates the same code (at least on x86_64). I'm wondering though
whether we still need this check at all. It was originally patterned
after a similar check for loading kernel modules, which was removed in
f946eeb9313ff147075 ("module: Remove module size limit").
Signed-off-by: zhanglin <zhang.lin16@xxxxxxxxxx>
---
security/selinux/selinuxfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index f3a5a138a096..4b2d87b6fcf9 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -117,6 +117,7 @@ static void selinux_fs_info_free(struct super_block *sb)
#define SEL_CLASS_INO_OFFSET 0x04000000
#define SEL_POLICYCAP_INO_OFFSET 0x08000000
#define SEL_INO_MASK 0x00ffffff
+#define SEL_LOAD_MAX 0x04000000
#define TMPBUFLEN 12
static ssize_t sel_read_enforce(struct file *filp, char __user *buf,
@@ -550,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
goto out;
length = -EFBIG;
- if (count > 64 * 1024 * 1024)
+ if (count > SEL_LOAD_MAX)
goto out;
length = -ENOMEM;
