apparmor: Convert secid mapping to XArrays instead of IDR

XArrays are a better match than IDR for how AppArmor is mapping secids. Specifically AppArmor is trying to keep the allocation dense. XArrays also have the advantage of avoiding the complexity IDRs preallocation. In addition this avoids/fixes a lockdep issue raised in the LKML thread "Linux 5.18-rc4" where there is a report of an interaction between apparmor and IPC, this warning may have been spurious as the reported issue is in a per-cpu local lock taken by the IDR. With the one side in the IPC id allocation and the other in AppArmor's secid allocation. Description by John Johansen <john.johansen@canonical.com> Message-Id: <226cee6a-6ca1-b603-db08-8500cd8f77b7@gnuweeb.org> Signed-off-by: Matthew Wilcox <willy@infradead.org> Signed-off-by: John Johansen <john.johansen@canonical.com>
author: Matthew Wilcox <willy@infradead.org> 2022-06-06 21:23:22 +0100
committer: John Johansen <john.johansen@canonical.com> 2022-07-13 17:16:02 -0700
commit: df4390934da48e0462d1e77fba3e15f080e2c2a0 (patch)
tree: e3059606b4e74c466263aabc28b5defd04fcdff2 /security/apparmor/lsm.c
parent: 95c0581f9bfdfbe97126ba1c7f5650a9dd064dda (diff)
1 files changed, 0 insertions, 2 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 9efb7ac60c7c..b1a0f2172a2e 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -1857,8 +1857,6 @@ static int __init apparmor_init(void)
 {
 	int error;
 
-	aa_secids_init();
-
 	error = aa_setup_dfa_engine();
 	if (error) {
 		AA_ERROR("Unable to setup dfa engine\n");
author	Matthew Wilcox <willy@infradead.org>	2022-06-06 21:23:22 +0100
committer	John Johansen <john.johansen@canonical.com>	2022-07-13 17:16:02 -0700
commit	df4390934da48e0462d1e77fba3e15f080e2c2a0 (patch)
tree	e3059606b4e74c466263aabc28b5defd04fcdff2 /security/apparmor/lsm.c
parent	95c0581f9bfdfbe97126ba1c7f5650a9dd064dda (diff)