SELinux: do not allocate stack space for AVC data unless needed
authorEric Paris <eparis@redhat.com>
Tue, 3 Apr 2012 16:38:00 +0000 (09:38 -0700)
committerVarun Wadekar <vwadekar@nvidia.com>
Wed, 18 Apr 2012 13:07:14 +0000 (18:07 +0530)
commit8b905836fe935e31d1110258a06fc96eeccb2a57
treef0ad22bef4f1e8263b9abe746058e5dc4e7840f7
parent88eebfe9b2688d69c811625ec52af0332b025575
SELinux: do not allocate stack space for AVC data unless needed

Instead of declaring the entire selinux_audit_data on the stack when we
start an operation on declare it on the stack if we are going to use it.
We know it's usefulness at the end of the security decision and can declare
it there.

Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
security/selinux/avc.c
security/selinux/include/avc.h