[v3,0/5] selinux: Assorted simplifications and cleanups

Message

Ondrej Mosnacek Feb. 3, 2020, 11:27 a.m. UTC

This series contains some boolean code simplifications that I discovered
while working on another patch. I believe they also save some run time
(although not in any perf-critical paths) and some memory overhead.

Changes in v3:
 - properly destroy all cond nodes in error path (bug found by Paul)
 - additional style fixes suggested by Paul

Changes in v2:
 - drop already merged 1st patch
 - drop the rewrite of security_preserve_bools(), keep only the
   evaluate_cond_node() return type change (requested by Paul)

Ondrej Mosnacek (5):
  selinux: simplify evaluate_cond_node()
  selinux: convert cond_list to array
  selinux: convert cond_av_list to array
  selinux: convert cond_expr to array
  selinux: generalize evaluate_cond_node()

 security/selinux/include/conditional.h |   8 +-
 security/selinux/selinuxfs.c           |   4 +-
 security/selinux/ss/conditional.c      | 251 ++++++++++---------------
 security/selinux/ss/conditional.h      |  27 +--
 security/selinux/ss/policydb.c         |   2 +-
 security/selinux/ss/policydb.h         |   3 +-
 security/selinux/ss/services.c         |  32 ++--
 7 files changed, 137 insertions(+), 190 deletions(-)