Message ID | 1568704836-14357-1-git-send-email-zhang.lin16@zte.com.cn (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | selinux: improve performance of sel_write_load() | expand |
On 9/17/19 3:20 AM, zhanglin wrote: > remove unecessary multiplications of sel_write_load(). I'm not sure it is really a performance improvement since the compiler generates the same code (at least on x86_64). I'm wondering though whether we still need this check at all. It was originally patterned after a similar check for loading kernel modules, which was removed in f946eeb9313ff147075 ("module: Remove module size limit"). > > Signed-off-by: zhanglin <zhang.lin16@zte.com.cn> > --- > security/selinux/selinuxfs.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c > index f3a5a138a096..4b2d87b6fcf9 100644 > --- a/security/selinux/selinuxfs.c > +++ b/security/selinux/selinuxfs.c > @@ -117,6 +117,7 @@ static void selinux_fs_info_free(struct super_block *sb) > #define SEL_CLASS_INO_OFFSET 0x04000000 > #define SEL_POLICYCAP_INO_OFFSET 0x08000000 > #define SEL_INO_MASK 0x00ffffff > +#define SEL_LOAD_MAX 0x04000000 > > #define TMPBUFLEN 12 > static ssize_t sel_read_enforce(struct file *filp, char __user *buf, > @@ -550,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf, > goto out; > > length = -EFBIG; > - if (count > 64 * 1024 * 1024) > + if (count > SEL_LOAD_MAX) > goto out; > > length = -ENOMEM; >
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c index f3a5a138a096..4b2d87b6fcf9 100644 --- a/security/selinux/selinuxfs.c +++ b/security/selinux/selinuxfs.c @@ -117,6 +117,7 @@ static void selinux_fs_info_free(struct super_block *sb) #define SEL_CLASS_INO_OFFSET 0x04000000 #define SEL_POLICYCAP_INO_OFFSET 0x08000000 #define SEL_INO_MASK 0x00ffffff +#define SEL_LOAD_MAX 0x04000000 #define TMPBUFLEN 12 static ssize_t sel_read_enforce(struct file *filp, char __user *buf, @@ -550,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf, goto out; length = -EFBIG; - if (count > 64 * 1024 * 1024) + if (count > SEL_LOAD_MAX) goto out; length = -ENOMEM;
remove unecessary multiplications of sel_write_load(). Signed-off-by: zhanglin <zhang.lin16@zte.com.cn> --- security/selinux/selinuxfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)