On 2023/07/19 6:01, Paul Moore wrote:
> On Jul 6, 2023 Gong Ruiqi <gongruiqi1@xxxxxxxxxx> wrote:
>>
>> Security classes have only up to 32 permissions, hence using an u16 is
>> sufficient (while improving padding).
>
> Can you explain the improved padding comment?
I think what Christian means is that struct selinux_mapping will occupy
less memory since num_perms is changed from uint (32 bits) to u16, which
saves 16 bits of space due to padding.
> [...]
>
>> diff --git a/security/selinux/ss/services.h b/security/selinux/ss/services.h
>> index 8a9b85f44b66..b6f99353301e 100644
>> --- a/security/selinux/ss/services.h
>> +++ b/security/selinux/ss/services.h
>> @@ -12,7 +12,7 @@
>> /* Mapping for a single class */
>> struct selinux_mapping {
>> u16 value; /* policy value for class */
>> - unsigned int num_perms; /* number of permissions in class */
>> + u16 num_perms; /* number of permissions in class */
>> u32 perms[sizeof(u32) * 8]; /* policy values for permissions */
>> };
Check here.
>>
>> --
>> 2.40.1
>
> --
> paul-moore.com
