selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND.

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Move cache based pkey sid retrieval code which was added
with commit "409dcf31" under CONFIG_SECURITY_INFINIBAND.
As its going to alloc a new cache which impacts
low RAM devices which was enabled by default.

Suggested-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>
[PM: checkpatch.pl cleanups, fixed capitalization in the description]
Signed-off-by: Paul Moore <paul@paul-moore.com>

authored by

Ravi Kumar Siddojigari and committed by

Paul Moore 6 years ago fe49c7e4 b82f3f68

+15 -2

2 changed files

expand all

security

selinux

Makefile

include

ibpkey.h

+3 -1

security/selinux/Makefile

··· 6 6 obj-$(CONFIG_SECURITY_SELINUX) := selinux.o 7 7 8 8 selinux-y := avc.o hooks.o selinuxfs.o netlink.o nlmsgtab.o netif.o \ 9 - netnode.o netport.o ibpkey.o \ 9 + netnode.o netport.o \ 10 10 ss/ebitmap.o ss/hashtab.o ss/symtab.o ss/sidtab.o ss/avtab.o \ 11 11 ss/policydb.o ss/services.o ss/conditional.o ss/mls.o ss/status.o 12 12 13 13 selinux-$(CONFIG_SECURITY_NETWORK_XFRM) += xfrm.o 14 14 15 15 selinux-$(CONFIG_NETLABEL) += netlabel.o 16 + 17 + selinux-$(CONFIG_SECURITY_INFINIBAND) += ibpkey.o 16 18 17 19 ccflags-y := -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include 18 20

+12 -1

security/selinux/include/ibpkey.h

··· 14 14 #ifndef _SELINUX_IB_PKEY_H 15 15 #define _SELINUX_IB_PKEY_H 16 16 17 + #ifdef CONFIG_SECURITY_INFINIBAND 17 18 void sel_ib_pkey_flush(void); 18 - 19 19 int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid); 20 + #else 21 + static inline void sel_ib_pkey_flush(void) 22 + { 23 + return; 24 + } 25 + static inline int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid) 26 + { 27 + *sid = SECINITSID_UNLABELED; 28 + return 0; 29 + } 30 + #endif 20 31 21 32 #endif