mbox series

[v3,0/2] Hash context structures directly

Message ID 20200417081157.606789-1-omosnace@redhat.com (mailing list archive)
Headers show
Series Hash context structures directly | expand

Message

Ondrej Mosnacek April 17, 2020, 8:11 a.m. UTC 
Converting a valid context to string and hashing that is inefficient
because the conversion is slow. Instead we can hash the stucture
contents directly, which is about 10 times faster.

After that, it is possible to move the hashing under sidtab.c, which
avoids the complexity of calling context_add_hash() all over the place.

Changes in v3:
 - fix copyright year in ss/context.c (for real this time)
 - move explanation of valid vs. invalid context hashing from commit msg
   to the code

Changes in v2:
 - extract mls hashing into mls_range_hash() and put it in mls.h
 - move some changes from patch 1 into patch 2

Ondrej Mosnacek (2):
  selinux: hash context structure directly
  selinux: move context hashing under sidtab

 security/selinux/Makefile      |  2 +-
 security/selinux/ss/context.c  | 32 +++++++++++++
 security/selinux/ss/context.h  | 11 +----
 security/selinux/ss/ebitmap.c  | 14 ++++++
 security/selinux/ss/ebitmap.h  |  1 +
 security/selinux/ss/mls.h      | 11 +++++
 security/selinux/ss/policydb.c |  5 --
 security/selinux/ss/services.c | 86 ++++++++++------------------------
 security/selinux/ss/services.h |  3 --
 security/selinux/ss/sidtab.c   | 32 ++++++++-----
 security/selinux/ss/sidtab.h   |  1 +
 11 files changed, 107 insertions(+), 91 deletions(-)
 create mode 100644 security/selinux/ss/context.c