linux-stable-rt/security/selinux/ss
Eric Paris 6371dcd36f selinux: convert the policy type_attr_map to flex_array
Current selinux policy can have over 3000 types.  The type_attr_map in
policy is an array sized by the number of types times sizeof(struct ebitmap)
(12 on x86_64).  Basic math tells us the array is going to be of length
3000 x 12 = 36,000 bytes.  The largest 'safe' allocation on a long running
system is 16k.  Most of the time a 32k allocation will work.  But on long
running systems a 64k allocation (what we need) can fail quite regularly.
In order to deal with this I am converting the type_attr_map to use
flex_arrays.  Let the library code deal with breaking this into PAGE_SIZE
pieces.

-v2
rework some of the if(!obj) BUG() to be BUG_ON(!obj)
drop flex_array_put() calls and just use a _get() object directly

-v3
make apply to James' tree (drop the policydb_write changes)

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by:  Stephen D. Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2010-08-02 15:38:39 +10:00
..
Makefile
avtab.c
avtab.h
conditional.c selinux: fix error codes in cond_read_bool() 2010-08-02 15:35:04 +10:00
conditional.h
constraint.h
context.h
ebitmap.c
ebitmap.h
hashtab.c
hashtab.h
mls.c
mls.h
mls_types.h
policydb.c selinux: convert the policy type_attr_map to flex_array 2010-08-02 15:38:39 +10:00
policydb.h selinux: convert the policy type_attr_map to flex_array 2010-08-02 15:38:39 +10:00
services.c selinux: convert the policy type_attr_map to flex_array 2010-08-02 15:38:39 +10:00
services.h
sidtab.c
sidtab.h
symtab.c selinux: fix error codes in symtab_init() 2010-08-02 15:35:04 +10:00
symtab.h