From: Paul Moore <paul@paul-moore.com>
To: "Mike Rapoport (Microsoft)" <rppt@kernel.org>,
James Morris <jmorris@namei.org>,
John Johansen <john.johansen@canonical.com>,
Ondrej Mosnacek <omosnace@redhat.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
Stephen Smalley <stephen.smalley.work@gmail.com>
Cc: Mike Rapoport <rppt@kernel.org>,
apparmor@lists.ubuntu.com, selinux@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH 1/3] selinux: use k[mz]alloc() to allocate temporary buffers
Date: Wed, 27 May 2026 19:42:33 -0400 [thread overview]
Message-ID: <c8fb6387f3c1efa126013090f45528c6@paul-moore.com> (raw)
In-Reply-To: <20260520-security-v1-1-831bd8e21dd0@kernel.org>
On May 20, 2026 "Mike Rapoport (Microsoft)" <rppt@kernel.org> wrote:
>
> Several functions in selinuxfs.c allocate temporary buffers using
> __get_free_page() or get_zeroed_page().
>
> These buffers are used either to store a string generated by snprintf() (in
> sel_make_bools()) or to copy data from user (sel_read_avc_hash_stats() and
> sel_read_sidtab_hash_stats()).
>
> Such usage does not require struct page access and it is better to allocate
> these buffers with kzalloc()/kmalloc() that provide better scalability and
> more debugging possibilities.
>
> Replace use of get_zeroed_page() with kzalloc() and usage of
> __get_free_page() with kmalloc().
>
> Link: https://lore.kernel.org/all/635405e4-9423-4a25-a6e7-e03c8ea0bcbe@redhat.com
> Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
> ---
> security/selinux/selinuxfs.c | 12 ++++++------
> 1 file changed, 6 insertions(+), 6 deletions(-)
I suspect if we look closer we can probably also trim some of those
allocations to less then a page, but that can be work for another day.
Merged into selinux/dev, thanks Mike.
--
paul-moore.com
next prev parent reply other threads:[~2026-05-27 23:42 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-20 8:18 [PATCH 0/3] security: replace __get_free_pages() call with kmalloc() Mike Rapoport (Microsoft)
2026-05-20 8:18 ` [PATCH 1/3] selinux: use k[mz]alloc() to allocate temporary buffers Mike Rapoport (Microsoft)
2026-05-27 23:42 ` Paul Moore [this message]
2026-05-20 8:18 ` [PATCH 2/3] selinux: hooks: use __getname() to allocate path buffer Mike Rapoport (Microsoft)
2026-05-27 23:42 ` Paul Moore
2026-05-20 8:18 ` [PATCH 3/3] apparmor: replace get_zeroed_page() with kzalloc() Mike Rapoport (Microsoft)
2026-05-27 23:42 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c8fb6387f3c1efa126013090f45528c6@paul-moore.com \
--to=paul@paul-moore.com \
--cc=apparmor@lists.ubuntu.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=omosnace@redhat.com \
--cc=rppt@kernel.org \
--cc=selinux@vger.kernel.org \
--cc=serge@hallyn.com \
--cc=stephen.smalley.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox