| commit | f01e1af445fac107e91d62a2d59dd535f633810b | |
| author | Linus Torvalds <torvalds@linux-foundation.org> | |
| Tue, 24 May 2011 20:48:51 +0000 (24 13:48 -0700) | ||
| committer | Linus Torvalds <torvalds@linux-foundation.org> | |
| Fri, 27 May 2011 01:13:57 +0000 (26 18:13 -0700) | ||
| tree | f5da7e4162f0a6f4bb50e4cb41f6a06c672f66b0 | treesnapshot (tar.gz zip) |
| parent | bc9bc72e2f9bb07384c00604d1a40d0b5f62be6c | commitdiff |
selinux: don't pass in NULL avd to avc_has_perm_noaudit
Right now security_get_user_sids() will pass in a NULL avd pointer to
avc_has_perm_noaudit(), which then forces that function to have a dummy
entry for that case and just generally test it.
Don't do it. The normal callers all pass a real avd pointer, and this
helper function is incredibly hot. So don't make avc_has_perm_noaudit()
do conditional stuff that isn't needed for the common case.
This also avoids some duplicated stack space.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Right now security_get_user_sids() will pass in a NULL avd pointer to
avc_has_perm_noaudit(), which then forces that function to have a dummy
entry for that case and just generally test it.
Don't do it. The normal callers all pass a real avd pointer, and this
helper function is incredibly hot. So don't make avc_has_perm_noaudit()
do conditional stuff that isn't needed for the common case.
This also avoids some duplicated stack space.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
| security/selinux/avc.c | diffblobblamehistory | |
| security/selinux/ss/services.c | diffblobblamehistory |