On 1/16/2020 4:04 AM, Ondrej Mosnacek wrote: > This series contains some simplifications that I discovered while > working on another patch. I believe they also save some run time > (although not in any perf-critical paths) and some memory overhead. > > The first patch is a cleanup in security_load_policy() It's a real nuisance that the security server code uses the prefix "security_". If you're making significant changes in the security server it would be really nice to clean up the namespace collision. > that avoids a > pointless allocation during initial policy load. The rest are > cleanups/simplifications of the booleans-related code - mostly > converting linked lists to arrays. > > Ondrej Mosnacek (6): > selinux: do not allocate ancillary buffer on first load > selinux: simplify security_preserve_bools() > selinux: convert cond_list to array > selinux: convert cond_av_list to array > selinux: convert cond_expr to array > selinux: generalize evaluate_cond_node() > > security/selinux/include/conditional.h | 6 +- > security/selinux/selinuxfs.c | 4 +- > security/selinux/ss/conditional.c | 252 ++++++++++--------------- > security/selinux/ss/conditional.h | 27 +-- > security/selinux/ss/policydb.c | 2 +- > security/selinux/ss/policydb.h | 3 +- > security/selinux/ss/services.c | 95 ++++------ > 7 files changed, 160 insertions(+), 229 deletions(-) >
