On Thu, Jan 9, 2020 at 6:11 AM Ravi Kumar Siddojigari <rsiddoji@xxxxxxxxxxxxxx> wrote: > > Move cache based pkey sid retrieval code which was added > with Commit "409dcf31" under CONFIG_SECURITY_INFINIBAND. > As its going to alloc a new cache which impacts > low ram devices which was enabled by default. > > Suggested-by: Paul Moore <paul@xxxxxxxxxxxxxx> > Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@xxxxxxxxxxxxxx> > --- > security/selinux/Makefile | 4 +++- > security/selinux/include/ibpkey.h | 12 ++++++++++++ > 2 files changed, 15 insertions(+), 1 deletion(-) I just merged this into selinux/next but I had to fix a few style errors that were found by scripts/checkpatch.pl (whitespace, function braces); please remember to run checkpatch.pl on all your patch submissions. -Paul > diff --git a/security/selinux/Makefile b/security/selinux/Makefile > index ccf950409384..2000f95fb197 100644 > --- a/security/selinux/Makefile > +++ b/security/selinux/Makefile > @@ -6,7 +6,7 @@ > obj-$(CONFIG_SECURITY_SELINUX) := selinux.o > > selinux-y := avc.o hooks.o selinuxfs.o netlink.o nlmsgtab.o netif.o \ > - netnode.o netport.o ibpkey.o \ > + netnode.o netport.o \ > ss/ebitmap.o ss/hashtab.o ss/symtab.o ss/sidtab.o ss/avtab.o \ > ss/policydb.o ss/services.o ss/conditional.o ss/mls.o ss/status.o > > @@ -14,6 +14,8 @@ selinux-$(CONFIG_SECURITY_NETWORK_XFRM) += xfrm.o > > selinux-$(CONFIG_NETLABEL) += netlabel.o > > +selinux-$(CONFIG_SECURITY_INFINIBAND) += ibpkey.o > + > ccflags-y := -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include > > $(addprefix $(obj)/,$(selinux-y)): $(obj)/flask.h > diff --git a/security/selinux/include/ibpkey.h b/security/selinux/include/ibpkey.h > index a2ebe397bcb7..e3c08287fd9a 100644 > --- a/security/selinux/include/ibpkey.h > +++ b/security/selinux/include/ibpkey.h > @@ -14,8 +14,20 @@ > #ifndef _SELINUX_IB_PKEY_H > #define _SELINUX_IB_PKEY_H > > +#ifdef CONFIG_SECURITY_INFINIBAND > void sel_ib_pkey_flush(void); > > int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid); > > +#else > +static inline void sel_ib_pkey_flush(void) { > + return; > +} > + > +static inline int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid) { > + *sid = SECINITSID_UNLABELED; > + return 0; > +} > +#endif > + > #endif > -- > The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, > a Linux Foundation Collaborative Project -- paul moore www.paul-moore.com