diff options
author | Paul Moore <paul@paul-moore.com> | 2024-01-18 20:44:21 -0500 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2024-01-25 10:52:21 -0500 |
commit | 90593caf7db74da2300f7a7056a26ae000b3e7cd (patch) | |
tree | 3dbeaedc5d689d09322a578f46493be95165ad33 /security | |
parent | 6613476e225e090cc9aad49be7fa504e290dd33d (diff) |
selinux: reduce the object class calculations at inode init time
We only need to call inode_mode_to_security_class() once in
selinux_inode_init_security().
Reviewed-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/hooks.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index a6bf90ace84c..48ae90327fa4 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2920,23 +2920,22 @@ static int selinux_inode_init_security(struct inode *inode, struct inode *dir, struct superblock_security_struct *sbsec; struct xattr *xattr = lsm_get_xattr_slot(xattrs, xattr_count); u32 newsid, clen; + u16 newsclass; int rc; char *context; sbsec = selinux_superblock(dir->i_sb); newsid = tsec->create_sid; - - rc = selinux_determine_inode_label(tsec, dir, qstr, - inode_mode_to_security_class(inode->i_mode), - &newsid); + newsclass = inode_mode_to_security_class(inode->i_mode); + rc = selinux_determine_inode_label(tsec, dir, qstr, newsclass, &newsid); if (rc) return rc; /* Possibly defer initialization to selinux_complete_init. */ if (sbsec->flags & SE_SBINITIALIZED) { struct inode_security_struct *isec = selinux_inode(inode); - isec->sclass = inode_mode_to_security_class(inode->i_mode); + isec->sclass = newsclass; isec->sid = newsid; isec->initialized = LABEL_INITIALIZED; } |