22 Apr, 2008
1 commit
-
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
SELinux: one little, two little, three little whitespaces, the avc.c saga.
SELinux: cleanup on isle selinuxfs.c
changing whitespace for fun and profit: policydb.c
SELinux: whitespace and formating fixes for hooks.c
SELinux: clean up printks
SELinux: sidtab.c whitespace, syntax, and static declaraction cleanups
SELinux: services.c whitespace, syntax, and static declaraction cleanups
SELinux: mls.c whitespace, syntax, and static declaraction cleanups
SELinux: hashtab.c whitespace, syntax, and static declaraction cleanups
SELinux: ebitmap.c whitespace, syntax, and static declaraction cleanups
SELinux: conditional.c whitespace, syntax, and static declaraction cleanups
SELinux: avtab.c whitespace, syntax, and static declaraction cleanups
SELinux: xfrm.c whitespace, syntax, and static declaraction cleanups
SELinux: nlmsgtab.c whitespace, syntax, and static declaraction cleanups
SELinux: netnode.c whitespace, syntax, and static declaraction cleanups
SELinux: netlink.c whitespace, syntax, and static declaraction cleanups
SELinux: netlabel.c whitespace, syntax, and static declaraction cleanups
SELinux: netif.c whitespace, syntax, and static declaraction cleanups
21 Apr, 2008
2 commits
-
Make sure all printk start with KERN_*
Make sure all printk end with \n
Make sure all printk have the word 'selinux' in them
Change "function name" to "%s", __func__ (found 2 wrong)Signed-off-by: Eric Paris
Signed-off-by: James Morris -
This patch changes conditional.c to fix whitespace and syntax issues. Things that
are fixed may include (does not not have to include)whitespace at end of lines
spaces followed by tabs
spaces used instead of tabs
spacing around parenthesis
locateion of { around struct and else clauses
location of * in pointer declarations
removal of initialization of static data to keep it in the right section
useless {} in if statemetns
useless checking for NULL before kfree
fixing of the indentation depth of switch statements
and any number of other things I forgot to mentionSigned-off-by: Eric Paris
Signed-off-by: James Morris
19 Apr, 2008
1 commit
-
None of these files use any of the functionality promised by
asm/semaphore.h.Signed-off-by: Matthew Wilcox
18 Apr, 2008
1 commit
-
Replace "security:" prefixes in printk messages with "SELinux"
to help users identify the source of the messages. Also fix a
couple of minor formatting issues.Signed-off-by: James Morris
08 Nov, 2007
1 commit
-
Add more validity checks at policy load time to reject malformed
policies and prevent subsequent out-of-range indexing when in permissive
mode. Resolves the NULL pointer dereference reported in
https://bugzilla.redhat.com/show_bug.cgi?id=357541.Signed-off-by: Stephen Smalley
Signed-off-by: James Morris
17 Oct, 2007
1 commit
-
This patch reduces memory usage of SELinux by tuning avtab. Number of hash
slots in avtab was 32768. Unused slots used memory when number of rules is
fewer. This patch decides number of hash slots dynamically based on number
of rules. (chain length)^2 is also printed out in avtab_hash_eval to see
standard deviation of avtab hash table.Signed-off-by: Yuichi Nakamura
Acked-by: Stephen Smalley
Signed-off-by: James Morris
31 Oct, 2005
1 commit
-
This patch converts SELinux code from kmalloc/memset to the new kazalloc
unction. On i386, this results in a text saving of over 1K.Before:
text data bss dec hex filename
86319 4642 15236 106197 19ed5 security/selinux/built-in.oAfter:
text data bss dec hex filename
85278 4642 15236 105156 19ac4 security/selinux/built-in.oSigned-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
05 Sep, 2005
2 commits
-
This patch adds endian notations to the SELinux code.
Signed-off-by: Stephen Smalley
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
This patch improves memory use by SELinux by both reducing the avtab node
size and reducing the number of avtab nodes. The memory savings are
substantial, e.g. on a 64-bit system after boot, James Morris reported the
following data for the targeted and strict policies:#objs objsize kernmem
Targeted:
Before: 237888 40 9.1MB
After: 19968 24 468KBStrict:
Before: 571680 40 21.81MB
After: 221052 24 5.06MBThe improvement in memory use comes at a cost in the speed of security
server computations of access vectors, but these computations are only
required on AVC cache misses, and performance measurements by James Morris
using a number of benchmarks have shown that the change does not cause any
significant degradation.Note that a rebuilt policy via an updated policy toolchain
(libsepol/checkpolicy) is required in order to gain the full benefits of
this patch, although some memory savings benefits are immediately applied
even to older policies (in particular, the reduction in avtab node size).
Sources for the updated toolchain are presently available from the
sourceforge CVS tree (http://sourceforge.net/cvs/?group_id=21266), and
tarballs are available from http://www.flux.utah.edu/~sds.Signed-off-by: Stephen Smalley
Signed-off-by: James Morris
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
26 Jun, 2005
1 commit
-
kfree(NULL) is legal.
Signed-off-by: Jesper Juhl
Acked-by: Stephen Smalley
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
17 Apr, 2005
1 commit
-
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.Let it rip!
