Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 48c62af68a403ef1655546bd3e021070c8508573^! / . / security / lsm_audit.c
commit48c62af68a403ef1655546bd3e021070c8508573[log] [tgz]
authorEric Paris <eparis@redhat.com>Mon Apr 02 13:15:44 2012 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>Tue Apr 03 09:49:10 2012 -0700
treeba938e4fb45d5bdaad2dad44071d0625f8e36945
parent3b3b0e4fc15efa507b902d90cea39e496a523c3b [diff] [blame]
LSM: shrink the common_audit_data data union

After shrinking the common_audit_data stack usage for private LSM data I'm
not going to shrink the data union.  To do this I'm going to move anything
larger than 2 void * ptrs to it's own structure and require it to be declared
separately on the calling stack.  Thus hot paths which don't need more than
a couple pointer don't have to declare space to hold large unneeded
structures.  I could get this down to one void * by dealing with the key
struct and the struct path.  We'll see if that is helpful after taking care of
networking.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 8b8f090..e96c6aa 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c

@@ -49,8 +49,8 @@
 	if (ih == NULL)
 		return -EINVAL;
 
-	ad->u.net.v4info.saddr = ih->saddr;
-	ad->u.net.v4info.daddr = ih->daddr;
+	ad->u.net->v4info.saddr = ih->saddr;
+	ad->u.net->v4info.daddr = ih->daddr;
 
 	if (proto)
 		*proto = ih->protocol;
@@ -64,8 +64,8 @@
 		if (th == NULL)
 			break;
 
-		ad->u.net.sport = th->source;
-		ad->u.net.dport = th->dest;
+		ad->u.net->sport = th->source;
+		ad->u.net->dport = th->dest;
 		break;
 	}
 	case IPPROTO_UDP: {
@@ -73,8 +73,8 @@
 		if (uh == NULL)
 			break;
 
-		ad->u.net.sport = uh->source;
-		ad->u.net.dport = uh->dest;
+		ad->u.net->sport = uh->source;
+		ad->u.net->dport = uh->dest;
 		break;
 	}
 	case IPPROTO_DCCP: {
@@ -82,16 +82,16 @@
 		if (dh == NULL)
 			break;
 
-		ad->u.net.sport = dh->dccph_sport;
-		ad->u.net.dport = dh->dccph_dport;
+		ad->u.net->sport = dh->dccph_sport;
+		ad->u.net->dport = dh->dccph_dport;
 		break;
 	}
 	case IPPROTO_SCTP: {
 		struct sctphdr *sh = sctp_hdr(skb);
 		if (sh == NULL)
 			break;
-		ad->u.net.sport = sh->source;
-		ad->u.net.dport = sh->dest;
+		ad->u.net->sport = sh->source;
+		ad->u.net->dport = sh->dest;
 		break;
 	}
 	default:
@@ -119,8 +119,8 @@
 	ip6 = ipv6_hdr(skb);
 	if (ip6 == NULL)
 		return -EINVAL;
-	ad->u.net.v6info.saddr = ip6->saddr;
-	ad->u.net.v6info.daddr = ip6->daddr;
+	ad->u.net->v6info.saddr = ip6->saddr;
+	ad->u.net->v6info.daddr = ip6->daddr;
 	ret = 0;
 	/* IPv6 can have several extension header before the Transport header
 	 * skip them */
@@ -140,8 +140,8 @@
 		if (th == NULL)
 			break;
 
-		ad->u.net.sport = th->source;
-		ad->u.net.dport = th->dest;
+		ad->u.net->sport = th->source;
+		ad->u.net->dport = th->dest;
 		break;
 	}
 	case IPPROTO_UDP: {
@@ -151,8 +151,8 @@
 		if (uh == NULL)
 			break;
 
-		ad->u.net.sport = uh->source;
-		ad->u.net.dport = uh->dest;
+		ad->u.net->sport = uh->source;
+		ad->u.net->dport = uh->dest;
 		break;
 	}
 	case IPPROTO_DCCP: {
@@ -162,8 +162,8 @@
 		if (dh == NULL)
 			break;
 
-		ad->u.net.sport = dh->dccph_sport;
-		ad->u.net.dport = dh->dccph_dport;
+		ad->u.net->sport = dh->dccph_sport;
+		ad->u.net->dport = dh->dccph_dport;
 		break;
 	}
 	case IPPROTO_SCTP: {
@@ -172,8 +172,8 @@
 		sh = skb_header_pointer(skb, offset, sizeof(_sctph), &_sctph);
 		if (sh == NULL)
 			break;
-		ad->u.net.sport = sh->source;
-		ad->u.net.dport = sh->dest;
+		ad->u.net->sport = sh->source;
+		ad->u.net->dport = sh->dest;
 		break;
 	}
 	default:
@@ -281,8 +281,8 @@
 		}
 		break;
 	case LSM_AUDIT_DATA_NET:
-		if (a->u.net.sk) {
-			struct sock *sk = a->u.net.sk;
+		if (a->u.net->sk) {
+			struct sock *sk = a->u.net->sk;
 			struct unix_sock *u;
 			int len = 0;
 			char *p = NULL;
@@ -330,29 +330,29 @@
 			}
 		}
 
-		switch (a->u.net.family) {
+		switch (a->u.net->family) {
 		case AF_INET:
-			print_ipv4_addr(ab, a->u.net.v4info.saddr,
-					a->u.net.sport,
+			print_ipv4_addr(ab, a->u.net->v4info.saddr,
+					a->u.net->sport,
 					"saddr", "src");
-			print_ipv4_addr(ab, a->u.net.v4info.daddr,
-					a->u.net.dport,
+			print_ipv4_addr(ab, a->u.net->v4info.daddr,
+					a->u.net->dport,
 					"daddr", "dest");
 			break;
 		case AF_INET6:
-			print_ipv6_addr(ab, &a->u.net.v6info.saddr,
-					a->u.net.sport,
+			print_ipv6_addr(ab, &a->u.net->v6info.saddr,
+					a->u.net->sport,
 					"saddr", "src");
-			print_ipv6_addr(ab, &a->u.net.v6info.daddr,
-					a->u.net.dport,
+			print_ipv6_addr(ab, &a->u.net->v6info.daddr,
+					a->u.net->dport,
 					"daddr", "dest");
 			break;
 		}
-		if (a->u.net.netif > 0) {
+		if (a->u.net->netif > 0) {
 			struct net_device *dev;
 
 			/* NOTE: we always use init's namespace */
-			dev = dev_get_by_index(&init_net, a->u.net.netif);
+			dev = dev_get_by_index(&init_net, a->u.net->netif);
 			if (dev) {
 				audit_log_format(ab, " netif=%s", dev->name);
 				dev_put(dev);