1 files changed, 6 insertions, 2 deletions

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 799d15aa35f9..305399225010 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -126,6 +126,7 @@ int selinux_enabled = 1;
 #endif
 
 static struct kmem_cache *sel_inode_cache;
+static struct kmem_cache *file_security_cache;
 
 /**
  * selinux_secmark_enabled - Check to see if SECMARK is currently enabled
@@ -287,7 +288,7 @@ static int file_alloc_security(struct file *file)
         struct file_security_struct *fsec;
         u32 sid = current_sid();
 
-        fsec = kzalloc(sizeof(struct file_security_struct), GFP_KERNEL);
+        fsec = kmem_cache_zalloc(file_security_cache, GFP_KERNEL);
         if (!fsec)
                 return -ENOMEM;
 
@@ -302,7 +303,7 @@ static void file_free_security(struct file *file)
 {
         struct file_security_struct *fsec = file->f_security;
         file->f_security = NULL;
-        kfree(fsec);
+        kmem_cache_free(file_security_cache, fsec);
 }
 
 static int superblock_alloc_security(struct super_block *sb)
@@ -6086,6 +6087,9 @@ static __init int selinux_init(void)
         sel_inode_cache = kmem_cache_create("selinux_inode_security",
                                             sizeof(struct inode_security_struct),
                                             0, SLAB_PANIC, NULL);
+        file_security_cache = kmem_cache_create("selinux_file_security",
+                                            sizeof(struct file_security_struct),
+                                            0, SLAB_PANIC, NULL);
         avc_init();
 
         security_add_hooks(selinux_hooks, ARRAY_SIZE(selinux_hooks));