selinux: do not allocate ancillary buffer on first load
authorOndrej Mosnacek <omosnace@redhat.com>
Thu, 16 Jan 2020 12:04:34 +0000 (13:04 +0100)
committerPaul Moore <paul@paul-moore.com>
Thu, 16 Jan 2020 21:05:25 +0000 (16:05 -0500)
commitdd89b9d9f37decab85e000384d229abdcd9944ae
tree9375dc3bb6a32493cf1b965b6d5560036d253196
parentcb89e2465896f30d4247ac9ff47d30522e39745a
selinux: do not allocate ancillary buffer on first load

In security_load_policy(), we can defer allocating the newpolicydb
ancillary array to after checking state->initialized, thereby avoiding
the pointless allocation when loading policy the first time.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
[PM: merged portions by hand]
Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <paul@paul-moore.com>
security/selinux/ss/services.c