|
 |
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-1.30.7/src/init.c
|
|
|
8f927c4 |
--- nsalibselinux/src/init.c 2006-05-15 09:43:24.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/src/init.c 2006-05-17 13:57:29.000000000 -0400
|
|
|
8f927c4 |
@@ -78,21 +78,17 @@
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
hidden_def(set_selinuxmnt)
|
|
|
8f927c4 |
|
|
|
8f927c4 |
-static void init_translations(void)
|
|
|
8f927c4 |
-{
|
|
|
8f927c4 |
- init_context_translations();
|
|
|
8f927c4 |
-}
|
|
|
8f927c4 |
-
|
|
|
8f927c4 |
static void init_lib(void) __attribute__ ((constructor));
|
|
|
8f927c4 |
static void init_lib(void)
|
|
|
8f927c4 |
{
|
|
|
8f927c4 |
selinux_page_size = sysconf(_SC_PAGE_SIZE);
|
|
|
8f927c4 |
init_selinuxmnt();
|
|
|
8f927c4 |
- init_translations();
|
|
|
8f927c4 |
+ init_context_translations();
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
|
|
|
8f927c4 |
static void fini_lib(void) __attribute__ ((destructor));
|
|
|
8f927c4 |
static void fini_lib(void)
|
|
|
8f927c4 |
{
|
|
|
8f927c4 |
fini_selinuxmnt();
|
|
|
8f927c4 |
+ fini_context_translations();
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.30.7/src/selinux_config.c
|
|
|
8f927c4 |
--- nsalibselinux/src/selinux_config.c 2006-05-15 09:43:24.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/src/selinux_config.c 2006-05-17 14:31:07.000000000 -0400
|
|
|
8f927c4 |
@@ -17,6 +17,7 @@
|
|
|
8f927c4 |
#define SELINUXTAG "SELINUX="
|
|
|
8f927c4 |
#define SETLOCALDEFS "SETLOCALDEFS="
|
|
|
8f927c4 |
#define REQUIRESEUSERS "REQUIRESEUSERS="
|
|
|
8f927c4 |
+#define CACHETRANSTAG "CACHETRANS="
|
|
|
8f927c4 |
|
|
|
8f927c4 |
/* Indices for file paths arrays. */
|
|
|
8f927c4 |
#define BINPOLICY 0
|
|
|
8f927c4 |
@@ -175,6 +176,10 @@
|
|
|
8f927c4 |
sizeof(REQUIRESEUSERS)-1)) {
|
|
|
8f927c4 |
value = buf_p + sizeof(REQUIRESEUSERS)-1;
|
|
|
8f927c4 |
intptr = &require_seusers;
|
|
|
8f927c4 |
+ } else if (!strncmp(buf_p, CACHETRANSTAG,
|
|
|
8f927c4 |
+ sizeof(CACHETRANSTAG)-1)) {
|
|
|
8f927c4 |
+ value = buf_p + sizeof(CACHETRANSTAG)-1;
|
|
|
8f927c4 |
+ intptr = &cache_trans;
|
|
|
8f927c4 |
} else {
|
|
|
8f927c4 |
continue;
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.7/src/selinux_internal.h
|
|
|
8f927c4 |
--- nsalibselinux/src/selinux_internal.h 2006-05-15 09:43:24.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/src/selinux_internal.h 2006-05-17 14:05:25.000000000 -0400
|
|
|
8f927c4 |
@@ -70,3 +70,4 @@
|
|
|
8f927c4 |
extern int load_setlocaldefs hidden;
|
|
|
8f927c4 |
extern int require_seusers hidden;
|
|
|
8f927c4 |
extern int selinux_page_size hidden;
|
|
|
8f927c4 |
+extern int cache_trans hidden;
|
|
|
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_client.c libselinux-1.30.7/src/setrans_client.c
|
|
|
8f927c4 |
--- nsalibselinux/src/setrans_client.c 2006-05-16 20:43:27.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/src/setrans_client.c 2006-05-17 18:17:41.000000000 -0400
|
|
|
8f927c4 |
@@ -16,6 +16,13 @@
|
|
|
8f927c4 |
#include "selinux_internal.h"
|
|
|
8f927c4 |
#include "setrans_internal.h"
|
|
|
8f927c4 |
|
|
|
8f927c4 |
+// Simple cache
|
|
|
8f927c4 |
+static __thread security_context_t prev_t2r_trans=NULL;
|
|
|
8f927c4 |
+static __thread security_context_t prev_t2r_raw=NULL;
|
|
|
8f927c4 |
+static __thread security_context_t prev_r2t_trans=NULL;
|
|
|
8f927c4 |
+static __thread security_context_t prev_r2t_raw=NULL;
|
|
|
8f927c4 |
+
|
|
|
8f927c4 |
+int cache_trans hidden = 1;
|
|
|
8f927c4 |
|
|
|
8f927c4 |
/*
|
|
|
8f927c4 |
* setransd_open
|
|
|
8f927c4 |
@@ -193,6 +200,17 @@
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
|
|
|
8f927c4 |
|
|
|
8f927c4 |
+hidden void
|
|
|
8f927c4 |
+fini_context_translations(void)
|
|
|
8f927c4 |
+{
|
|
|
8f927c4 |
+ if (cache_trans) {
|
|
|
8f927c4 |
+ free(prev_r2t_trans);
|
|
|
8f927c4 |
+ free(prev_r2t_raw);
|
|
|
8f927c4 |
+ free(prev_t2r_trans);
|
|
|
8f927c4 |
+ free(prev_t2r_raw);
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+}
|
|
|
8f927c4 |
+
|
|
|
8f927c4 |
hidden int
|
|
|
8f927c4 |
init_context_translations(void)
|
|
|
8f927c4 |
{
|
|
|
8f927c4 |
@@ -225,9 +243,24 @@
|
|
|
8f927c4 |
*rawp = NULL;
|
|
|
8f927c4 |
return 0;
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
+ if (cache_trans) {
|
|
|
8f927c4 |
+ if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
|
|
|
8f927c4 |
+ *rawp=strdup(prev_t2r_raw);
|
|
|
8f927c4 |
+ } else {
|
|
|
8f927c4 |
+ free(prev_t2r_trans); prev_t2r_trans = NULL;
|
|
|
8f927c4 |
+ free(prev_t2r_raw); prev_t2r_raw = NULL;
|
|
|
8f927c4 |
+ if (trans_to_raw_context(trans, rawp))
|
|
|
8f927c4 |
+ *rawp = strdup(trans);
|
|
|
8f927c4 |
+ if (*rawp) {
|
|
|
8f927c4 |
+ prev_t2r_trans=strdup(trans);
|
|
|
8f927c4 |
+ prev_t2r_raw=strdup(*rawp);
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ else
|
|
|
8f927c4 |
+ if (trans_to_raw_context(trans, rawp))
|
|
|
8f927c4 |
+ *rawp = strdup(trans);
|
|
|
8f927c4 |
|
|
|
8f927c4 |
- if (trans_to_raw_context(trans, rawp))
|
|
|
8f927c4 |
- *rawp = strdup(trans);
|
|
|
8f927c4 |
return *rawp ? 0 : -1;
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
hidden_def(selinux_trans_to_raw_context)
|
|
|
8f927c4 |
@@ -240,8 +273,23 @@
|
|
|
8f927c4 |
return 0;
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
|
|
|
8f927c4 |
- if (raw_to_trans_context(raw, transp))
|
|
|
8f927c4 |
- *transp = strdup(raw);
|
|
|
8f927c4 |
+ if (cache_trans) {
|
|
|
8f927c4 |
+ if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
|
|
|
8f927c4 |
+ *transp=strdup(prev_r2t_trans);
|
|
|
8f927c4 |
+ } else {
|
|
|
8f927c4 |
+ free(prev_r2t_raw); prev_r2t_raw = NULL;
|
|
|
8f927c4 |
+ free(prev_r2t_trans); prev_r2t_trans = NULL;
|
|
|
8f927c4 |
+ if (raw_to_trans_context(raw, transp))
|
|
|
8f927c4 |
+ *transp = strdup(raw);
|
|
|
8f927c4 |
+ if (*transp) {
|
|
|
8f927c4 |
+ prev_r2t_raw=strdup(raw);
|
|
|
8f927c4 |
+ prev_r2t_trans=strdup(*transp);
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ }
|
|
|
8f927c4 |
+ else
|
|
|
8f927c4 |
+ if (raw_to_trans_context(raw, transp))
|
|
|
8f927c4 |
+ *transp = strdup(raw);
|
|
|
8f927c4 |
|
|
|
8f927c4 |
return *transp ? 0 : -1;
|
|
|
8f927c4 |
}
|
|
|
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_internal.h libselinux-1.30.7/src/setrans_internal.h
|
|
|
8f927c4 |
--- nsalibselinux/src/setrans_internal.h 2006-05-16 20:43:27.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/src/setrans_internal.h 2006-05-17 14:07:34.000000000 -0400
|
|
|
8f927c4 |
@@ -8,3 +8,4 @@
|
|
|
8f927c4 |
#define MAX_DATA_BUF 8192
|
|
|
8f927c4 |
|
|
|
8f927c4 |
extern int init_context_translations(void);
|
|
|
8f927c4 |
+extern void fini_context_translations(void);
|
|
|
8f927c4 |
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/avcstat.c libselinux-1.30.7/utils/avcstat.c
|
|
|
8f927c4 |
--- nsalibselinux/utils/avcstat.c 2006-05-15 09:43:20.000000000 -0400
|
|
|
8f927c4 |
+++ libselinux-1.30.7/utils/avcstat.c 2006-05-17 06:18:39.000000000 -0400
|
|
|
069461a |
@@ -27,12 +27,12 @@
|
|
|
069461a |
#define HEADERS "lookups hits misses allocations reclaims frees"
|
|
|
069461a |
|
|
|
069461a |
struct avc_cache_stats {
|
|
|
069461a |
- unsigned int lookups;
|
|
|
069461a |
- unsigned int hits;
|
|
|
069461a |
- unsigned int misses;
|
|
|
069461a |
- unsigned int allocations;
|
|
|
069461a |
- unsigned int reclaims;
|
|
|
069461a |
- unsigned int frees;
|
|
|
069461a |
+ unsigned long long lookups;
|
|
|
069461a |
+ unsigned long long hits;
|
|
|
069461a |
+ unsigned long long misses;
|
|
|
069461a |
+ unsigned long long allocations;
|
|
|
069461a |
+ unsigned long long reclaims;
|
|
|
069461a |
+ unsigned long long frees;
|
|
|
069461a |
};
|
|
|
069461a |
|
|
|
069461a |
static int interval;
|
|
|
069461a |
@@ -172,7 +172,7 @@
|
|
|
069461a |
while ((line = strtok(NULL, "\n"))) {
|
|
|
069461a |
struct avc_cache_stats tmp;
|
|
|
069461a |
|
|
|
069461a |
- ret = sscanf(line, "%u %u %u %u %u %u",
|
|
|
069461a |
+ ret = sscanf(line, "%Lu %Lu %Lu %Lu %Lu %Lu",
|
|
|
069461a |
&tmp.lookups,
|
|
|
069461a |
&tmp.hits,
|
|
|
069461a |
&tmp.misses,
|
|
|
069461a |
@@ -195,7 +195,7 @@
|
|
|
069461a |
die("unable to parse \'%s\': no data", avcstatfile);
|
|
|
069461a |
|
|
|
069461a |
if (cumulative || (!cumulative && !i))
|
|
|
069461a |
- printf("%10u %10u %10u %10u %10u %10u\n",
|
|
|
069461a |
+ printf("%10Lu %10Lu %10Lu %10Lu %10Lu %10Lu\n",
|
|
|
069461a |
tot.lookups, tot.hits, tot.misses,
|
|
|
069461a |
tot.allocations, tot.reclaims, tot.frees);
|
|
|
069461a |
else {
|
|
|
069461a |
@@ -205,7 +205,7 @@
|
|
|
069461a |
rel.allocations = tot.allocations - last.allocations;
|
|
|
069461a |
rel.reclaims = tot.reclaims - last.reclaims;
|
|
|
069461a |
rel.frees = tot.frees - last.frees;
|
|
|
069461a |
- printf("%10u %10u %10u %10u %10u %10u\n",
|
|
|
069461a |
+ printf("%10Lu %10Lu %10Lu %10Lu %10Lu %10Lu\n",
|
|
|
069461a |
rel.lookups, rel.hits, rel.misses,
|
|
|
069461a |
rel.allocations, rel.reclaims, rel.frees);
|
|
|
98a597a |
}
|