git.baikalelectronics.ru Git - kernel.git/commit

author	Matthew Wilcox <willy@infradead.org>
	Mon, 6 Jun 2022 20:23:22 +0000 (21:23 +0100)
committer	John Johansen <john.johansen@canonical.com>
	Thu, 14 Jul 2022 00:16:02 +0000 (17:16 -0700)
commit	36b7be4f5da31e216e0520dee2369cd58a4cc207
tree	e3059606b4e74c466263aabc28b5defd04fcdff2	tree \| snapshot
parent	9fe5971a046f638b9f024a56baa3ec25adf2eb02	commit \| diff

apparmor: Convert secid mapping to XArrays instead of IDR

XArrays are a better match than IDR for how AppArmor is mapping
secids. Specifically AppArmor is trying to keep the allocation
dense. XArrays also have the advantage of avoiding the complexity IDRs
preallocation.

In addition this avoids/fixes a lockdep issue raised in the LKML thread
"Linux 5.18-rc4"

where there is a report of an interaction between apparmor and IPC,
this warning may have been spurious as the reported issue is in a
per-cpu local lock taken by the IDR. With the one side in the IPC id
allocation and the other in AppArmor's secid allocation.

Description by John Johansen <john.johansen@canonical.com>

Message-Id: <226cee6a-6ca1-b603-db08-8500cd8f77b7@gnuweeb.org>
Signed-off-by: Matthew Wilcox <willy@infradead.org>
Signed-off-by: John Johansen <john.johansen@canonical.com>

security/apparmor/include/secid.h		diff \| blob \| history
security/apparmor/lsm.c		diff \| blob \| history
security/apparmor/secid.c		diff \| blob \| history