mirror of https://gitee.com/openkylin/linux.git
selinux: move ibpkeys code under CONFIG_SECURITY_INFINIBAND.
Move cache based pkey sid retrieval code which was added with commit "409dcf31" under CONFIG_SECURITY_INFINIBAND. As its going to alloc a new cache which impacts low RAM devices which was enabled by default. Suggested-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Ravi Kumar Siddojigari <rsiddoji@codeaurora.org> [PM: checkpatch.pl cleanups, fixed capitalization in the description] Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
parent
b82f3f6894
commit
fe49c7e4f8
|
@ -6,7 +6,7 @@
|
|||
obj-$(CONFIG_SECURITY_SELINUX) := selinux.o
|
||||
|
||||
selinux-y := avc.o hooks.o selinuxfs.o netlink.o nlmsgtab.o netif.o \
|
||||
netnode.o netport.o ibpkey.o \
|
||||
netnode.o netport.o \
|
||||
ss/ebitmap.o ss/hashtab.o ss/symtab.o ss/sidtab.o ss/avtab.o \
|
||||
ss/policydb.o ss/services.o ss/conditional.o ss/mls.o ss/status.o
|
||||
|
||||
|
@ -14,6 +14,8 @@ selinux-$(CONFIG_SECURITY_NETWORK_XFRM) += xfrm.o
|
|||
|
||||
selinux-$(CONFIG_NETLABEL) += netlabel.o
|
||||
|
||||
selinux-$(CONFIG_SECURITY_INFINIBAND) += ibpkey.o
|
||||
|
||||
ccflags-y := -I$(srctree)/security/selinux -I$(srctree)/security/selinux/include
|
||||
|
||||
$(addprefix $(obj)/,$(selinux-y)): $(obj)/flask.h
|
||||
|
|
|
@ -14,8 +14,19 @@
|
|||
#ifndef _SELINUX_IB_PKEY_H
|
||||
#define _SELINUX_IB_PKEY_H
|
||||
|
||||
#ifdef CONFIG_SECURITY_INFINIBAND
|
||||
void sel_ib_pkey_flush(void);
|
||||
|
||||
int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid);
|
||||
#else
|
||||
static inline void sel_ib_pkey_flush(void)
|
||||
{
|
||||
return;
|
||||
}
|
||||
static inline int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey, u32 *sid)
|
||||
{
|
||||
*sid = SECINITSID_UNLABELED;
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue