mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-17 10:26:09 +00:00
e67b79850f
Linus observed that the pervasive passing of selinux_state pointers
introduced by me in commit aa8e712cee93 ("selinux: wrap global selinux
state") adds overhead and complexity without providing any
benefit. The original idea was to pave the way for SELinux namespaces
but those have not yet been implemented and there isn't currently
a concrete plan to do so. Remove the passing of the selinux_state
pointers, reverting to direct use of the single global selinux_state,
and likewise remove passing of child pointers like the selinux_avc.
The selinux_policy pointer remains as it is needed for atomic switching
of policies.
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Reported-by: kernel test robot <lkp@intel.com>
Link: https://lore.kernel.org/oe-kbuild-all/202303101057.mZ3Gv5fK-lkp@intel.com/
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
24 lines
535 B
C
24 lines
535 B
C
/* SPDX-License-Identifier: GPL-2.0-only */
|
|
/*
|
|
* Interface to booleans in the security server. This is exported
|
|
* for the selinuxfs.
|
|
*
|
|
* Author: Karl MacMillan <kmacmillan@tresys.com>
|
|
*
|
|
* Copyright (C) 2003 - 2004 Tresys Technology, LLC
|
|
*/
|
|
|
|
#ifndef _SELINUX_CONDITIONAL_H_
|
|
#define _SELINUX_CONDITIONAL_H_
|
|
|
|
#include "security.h"
|
|
|
|
int security_get_bools(struct selinux_policy *policy,
|
|
u32 *len, char ***names, int **values);
|
|
|
|
int security_set_bools(u32 len, int *values);
|
|
|
|
int security_get_bool_value(u32 index);
|
|
|
|
#endif
|