This series contains some simplifications that I discovered while working on another patch. I believe they also save some run time (although not in any perf-critical paths) and some memory overhead. The first patch is a cleanup in security_load_policy() that avoids a pointless allocation during initial policy load. The rest are cleanups/simplifications of the booleans-related code - mostly converting linked lists to arrays. Ondrej Mosnacek (6): selinux: do not allocate ancillary buffer on first load selinux: simplify security_preserve_bools() selinux: convert cond_list to array selinux: convert cond_av_list to array selinux: convert cond_expr to array selinux: generalize evaluate_cond_node() security/selinux/include/conditional.h | 6 +- security/selinux/selinuxfs.c | 4 +- security/selinux/ss/conditional.c | 252 ++++++++++--------------- security/selinux/ss/conditional.h | 27 +-- security/selinux/ss/policydb.c | 2 +- security/selinux/ss/policydb.h | 3 +- security/selinux/ss/services.c | 95 ++++------ 7 files changed, 160 insertions(+), 229 deletions(-) -- 2.24.1
