TODO

@@ -20,11 +20,9 @@ Janitorial Clean-ups:
 
 Features:
 
-* port selinux code from mallinfo() to mallinfo2() once added to glibc
+* Provide a tool to hook into CONFIG_STATIC_USERMODEHELPER in the kernel, so
-
+  that we can collect all usermode helper calls and spawn them as regular
-* in fd_get_path() if we see (deleted) then do stat and check for st_nlink
+  services.
-
-* add support for close_range() added in kernel 5.9
 
 * Add service setting to run a service within the specified VRF. i.e. do the
   equivalent of "ip vrf exec".

meson.build

@@ -532,7 +532,6 @@ foreach ident : [
                                  #include <unistd.h>
                                  #include <signal.h>
                                  #include <sys/wait.h>'''],
-        ['mallinfo',          '''#include <malloc.h>'''],
 ]
 
         have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE')

src/basic/macro.h

@@ -93,10 +93,6 @@
 #endif
 
 /* Temporarily disable some warnings */
-#define DISABLE_WARNING_DEPRECATED_DECLARATIONS                         \
-        _Pragma("GCC diagnostic push");                                 \
-        _Pragma("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
-
 #define DISABLE_WARNING_FORMAT_NONLITERAL                               \
         _Pragma("GCC diagnostic push");                                 \
         _Pragma("GCC diagnostic ignored \"-Wformat-nonliteral\"")

src/basic/selinux-util.c

@@ -84,25 +84,14 @@ void mac_selinux_retest(void) {
 }
 
 #if HAVE_SELINUX
-#  if HAVE_MALLINFO
-static struct mallinfo mallinfo_nowarn(void) {
-        /* glibc has deprecated mallinfo(), but the replacement malloc_info() returns an XML blob ;=[ */
-DISABLE_WARNING_DEPRECATED_DECLARATIONS
-        return mallinfo();
-REENABLE_WARNING
-}
-#  else
-#    warning "mallinfo() is missing, add mallinfo2() supported instead."
-#  endif
-
 static int open_label_db(void) {
         struct selabel_handle *hnd;
         usec_t before_timestamp, after_timestamp;
+        struct mallinfo before_mallinfo, after_mallinfo;
         char timespan[FORMAT_TIMESPAN_MAX];
+        int l;
 
-#  if HAVE_MALLINFO
+        before_mallinfo = mallinfo();
-        struct mallinfo before_mallinfo = mallinfo_nowarn();
-#  endif
         before_timestamp = now(CLOCK_MONOTONIC);
 
         hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0);
@@ -110,16 +99,13 @@ static int open_label_db(void) {
                 return log_enforcing_errno(errno, "Failed to initialize SELinux labeling handle: %m");
 
         after_timestamp = now(CLOCK_MONOTONIC);
-#  if HAVE_MALLINFO
+        after_mallinfo = mallinfo();
-        struct mallinfo after_mallinfo = mallinfo_nowarn();
+
-        int l = after_mallinfo.uordblks > before_mallinfo.uordblks ? after_mallinfo.uordblks - before_mallinfo.uordblks : 0;
+        l = after_mallinfo.uordblks > before_mallinfo.uordblks ? after_mallinfo.uordblks - before_mallinfo.uordblks : 0;
+
         log_debug("Successfully loaded SELinux database in %s, size on heap is %iK.",
                   format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp, 0),
-                  DIV_ROUND_UP(l, 1024));
+                  (l+1023)/1024);
-#  else
-        log_debug("Successfully loaded SELinux database in %s.",
-                  format_timespan(timespan, sizeof(timespan), after_timestamp - before_timestamp, 0));
-#  endif
 
         /* release memory after measurement */
         if (label_hnd)