aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/ss/conditional.c
diff options
context:
space:
mode:
authorYuichi Nakamura <ynakam@hitachisoft.jp>2007-08-24 11:55:11 +0900
committerJames Morris <jmorris@namei.org>2007-10-17 08:59:30 +1000
commit3232c110b56bd01c5f0fdfd16b4d695f2e05b0a9 (patch)
treeb369f8dc55e9d27bbd0b8b4b6843c0736d61b005 /security/selinux/ss/conditional.c
parent821f3eff7cdb9d6c7076effabd46c96c322daed1 (diff)
downloadmrst-s0i3-test-3232c110b56bd01c5f0fdfd16b4d695f2e05b0a9.tar.gz
mrst-s0i3-test-3232c110b56bd01c5f0fdfd16b4d695f2e05b0a9.tar.xz
mrst-s0i3-test-3232c110b56bd01c5f0fdfd16b4d695f2e05b0a9.zip
SELinux: tune avtab to reduce memory usage
This patch reduces memory usage of SELinux by tuning avtab. Number of hash slots in avtab was 32768. Unused slots used memory when number of rules is fewer. This patch decides number of hash slots dynamically based on number of rules. (chain length)^2 is also printed out in avtab_hash_eval to see standard deviation of avtab hash table. Signed-off-by: Yuichi Nakamura<ynakam@hitachisoft.jp> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss/conditional.c')
-rw-r--r--security/selinux/ss/conditional.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index d2737edba54..45b93a827c8 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -456,6 +456,10 @@ int cond_read_list(struct policydb *p, void *fp)
len = le32_to_cpu(buf[0]);
+ rc = avtab_alloc(&(p->te_cond_avtab), p->te_avtab.nel);
+ if (rc)
+ goto err;
+
for (i = 0; i < len; i++) {
node = kzalloc(sizeof(struct cond_node), GFP_KERNEL);
if (!node)