git.baikalelectronics.ru Git - kernel.git/commit

author	Ondrej Mosnacek <omosnace@redhat.com>
	Fri, 17 Apr 2020 08:11:56 +0000 (10:11 +0200)
committer	Paul Moore <paul@paul-moore.com>
	Fri, 17 Apr 2020 20:04:34 +0000 (16:04 -0400)
commit	442a88c195865af926c5eefc1eff8f0e6a6cb469
tree	d0eec42d8fa215c2a80419f934159286d5d025d5	tree \| snapshot
parent	73fc7664fa8e31f1042f9b74999bfb86bb60876f	commit \| diff

selinux: hash context structure directly

Always hashing the string representation is inefficient. Just hash the
contents of the structure directly (using jhash). If the context is
invalid (str & len are set), then hash the string as before, otherwise
hash the structured data.

Since the context hashing function is now faster (about 10 times), this
patch decreases the overhead of security_transition_sid(), which is
called from many hooks.

The jhash function seemed as a good choice, since it is used as the
default hashing algorithm in rhashtable.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Jeff Vander Stoep <jeffv@google.com>
Tested-by: Jeff Vander Stoep <jeffv@google.com>
[PM: fixed some spelling errors in the comments pointed out by JVS]
Signed-off-by: Paul Moore <paul@paul-moore.com>

security/selinux/Makefile		diff \| blob \| history
security/selinux/ss/context.c	[new file with mode: 0644]	blob
security/selinux/ss/context.h		diff \| blob \| history
security/selinux/ss/ebitmap.c		diff \| blob \| history
security/selinux/ss/ebitmap.h		diff \| blob \| history
security/selinux/ss/mls.h		diff \| blob \| history
security/selinux/ss/policydb.c		diff \| blob \| history
security/selinux/ss/services.c		diff \| blob \| history
security/selinux/ss/services.h		diff \| blob \| history