^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-only
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Pkey table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * SELinux must keep a mapping of Infinband PKEYs to labels/SIDs. This
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * mapping is maintained as part of the normal policy but a fast cache is
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * needed to reduce the lookup overhead.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * This code is heavily based on the "netif" and "netport" concept originally
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) * developed by
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) * James Morris <jmorris@redhat.com> and
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) * Paul Moore <paul@paul-moore.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) * (see security/selinux/netif.c and security/selinux/netport.c for more
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) * information)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) * (c) Mellanox Technologies, 2016
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #include <linux/rcupdate.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #include <linux/list.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) #include <linux/spinlock.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #include "ibpkey.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) #include "objsec.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) #define SEL_PKEY_HASH_SIZE 256
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) #define SEL_PKEY_HASH_BKT_LIMIT 16
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) struct sel_ib_pkey_bkt {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) int size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) struct list_head list;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) struct sel_ib_pkey {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) struct pkey_security_struct psec;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) struct list_head list;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) struct rcu_head rcu;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43) static LIST_HEAD(sel_ib_pkey_list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44) static DEFINE_SPINLOCK(sel_ib_pkey_lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) static struct sel_ib_pkey_bkt sel_ib_pkey_hash[SEL_PKEY_HASH_SIZE];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) * sel_ib_pkey_hashfn - Hashing function for the pkey table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) * @pkey: pkey number
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52) * This is the hashing function for the pkey table, it returns the bucket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53) * number for the given pkey.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56) static unsigned int sel_ib_pkey_hashfn(u16 pkey)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) return (pkey & (SEL_PKEY_HASH_SIZE - 1));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) * sel_ib_pkey_find - Search for a pkey record
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) * @subnet_prefix: subnet_prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) * @pkey_num: pkey_num
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) * Search the pkey table and return the matching record. If an entry
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) * can not be found in the table return NULL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) static struct sel_ib_pkey *sel_ib_pkey_find(u64 subnet_prefix, u16 pkey_num)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) unsigned int idx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) struct sel_ib_pkey *pkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) idx = sel_ib_pkey_hashfn(pkey_num);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) list_for_each_entry_rcu(pkey, &sel_ib_pkey_hash[idx].list, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) if (pkey->psec.pkey == pkey_num &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) pkey->psec.subnet_prefix == subnet_prefix)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) return pkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 86) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 87) * sel_ib_pkey_insert - Insert a new pkey into the table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 88) * @pkey: the new pkey record
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 89) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 90) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 91) * Add a new pkey record to the hash table.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 92) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 93) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 94) static void sel_ib_pkey_insert(struct sel_ib_pkey *pkey)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 96) unsigned int idx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 97)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 98) /* we need to impose a limit on the growth of the hash table so check
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 99) * this bucket to make sure it is within the specified bounds
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) idx = sel_ib_pkey_hashfn(pkey->psec.pkey);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) list_add_rcu(&pkey->list, &sel_ib_pkey_hash[idx].list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) if (sel_ib_pkey_hash[idx].size == SEL_PKEY_HASH_BKT_LIMIT) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) struct sel_ib_pkey *tail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) tail = list_entry(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) rcu_dereference_protected(
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) sel_ib_pkey_hash[idx].list.prev,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) lockdep_is_held(&sel_ib_pkey_lock)),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) struct sel_ib_pkey, list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) list_del_rcu(&tail->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) kfree_rcu(tail, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) } else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) sel_ib_pkey_hash[idx].size++;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) * sel_ib_pkey_sid_slow - Lookup the SID of a pkey using the policy
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) * @subnet_prefix: subnet prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) * @pkey_num: pkey number
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) * @sid: pkey SID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) * This function determines the SID of a pkey by querying the security
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) * policy. The result is added to the pkey table to speedup future
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) * queries. Returns zero on success, negative values on failure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) static int sel_ib_pkey_sid_slow(u64 subnet_prefix, u16 pkey_num, u32 *sid)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) struct sel_ib_pkey *pkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) struct sel_ib_pkey *new = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) unsigned long flags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) spin_lock_irqsave(&sel_ib_pkey_lock, flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) pkey = sel_ib_pkey_find(subnet_prefix, pkey_num);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) if (pkey) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) *sid = pkey->psec.sid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) spin_unlock_irqrestore(&sel_ib_pkey_lock, flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) ret = security_ib_pkey_sid(&selinux_state, subnet_prefix, pkey_num,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) sid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) if (ret)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) /* If this memory allocation fails still return 0. The SID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) * is valid, it just won't be added to the cache.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) new = kzalloc(sizeof(*new), GFP_ATOMIC);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) if (!new) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) ret = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) new->psec.subnet_prefix = subnet_prefix;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) new->psec.pkey = pkey_num;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) new->psec.sid = *sid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) sel_ib_pkey_insert(new);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) spin_unlock_irqrestore(&sel_ib_pkey_lock, flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) * sel_ib_pkey_sid - Lookup the SID of a PKEY
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) * @subnet_prefix: subnet_prefix
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) * @pkey_num: pkey number
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) * @sid: pkey SID
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) * This function determines the SID of a PKEY using the fastest method
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) * possible. First the pkey table is queried, but if an entry can't be found
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) * then the policy is queried and the result is added to the table to speedup
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) * future queries. Returns zero on success, negative values on failure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) int sel_ib_pkey_sid(u64 subnet_prefix, u16 pkey_num, u32 *sid)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) struct sel_ib_pkey *pkey;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) pkey = sel_ib_pkey_find(subnet_prefix, pkey_num);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) if (pkey) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) *sid = pkey->psec.sid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) return sel_ib_pkey_sid_slow(subnet_prefix, pkey_num, sid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) /**
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) * sel_ib_pkey_flush - Flush the entire pkey table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) * Description:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) * Remove all entries from the pkey table
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) void sel_ib_pkey_flush(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) unsigned int idx;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) struct sel_ib_pkey *pkey, *pkey_tmp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) unsigned long flags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) spin_lock_irqsave(&sel_ib_pkey_lock, flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) for (idx = 0; idx < SEL_PKEY_HASH_SIZE; idx++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) list_for_each_entry_safe(pkey, pkey_tmp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) &sel_ib_pkey_hash[idx].list, list) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) list_del_rcu(&pkey->list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) kfree_rcu(pkey, rcu);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) sel_ib_pkey_hash[idx].size = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) spin_unlock_irqrestore(&sel_ib_pkey_lock, flags);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) static __init int sel_ib_pkey_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) int iter;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) if (!selinux_enabled_boot)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) for (iter = 0; iter < SEL_PKEY_HASH_SIZE; iter++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) INIT_LIST_HEAD(&sel_ib_pkey_hash[iter].list);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) sel_ib_pkey_hash[iter].size = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) subsys_initcall(sel_ib_pkey_init);
Orange Pi5 kernel
Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards
3 Commits
0 Branches
0 Tags