* [PATCH] selinux: improve performance of sel_write_load()
@ 2019-09-17 7:20 zhanglin
2019-09-18 12:28 ` Stephen Smalley
0 siblings, 1 reply; 2+ messages in thread
From: zhanglin @ 2019-09-17 7:20 UTC (permalink / raw)
To: paul
Cc: sds, eparis, selinux, linux-kernel, xue.zhihong, wang.yi59,
jiang.xuexin, zhanglin
remove unecessary multiplications of sel_write_load().
Signed-off-by: zhanglin <zhang.lin16@zte.com.cn>
---
security/selinux/selinuxfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index f3a5a138a096..4b2d87b6fcf9 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -117,6 +117,7 @@ static void selinux_fs_info_free(struct super_block *sb)
#define SEL_CLASS_INO_OFFSET 0x04000000
#define SEL_POLICYCAP_INO_OFFSET 0x08000000
#define SEL_INO_MASK 0x00ffffff
+#define SEL_LOAD_MAX 0x04000000
#define TMPBUFLEN 12
static ssize_t sel_read_enforce(struct file *filp, char __user *buf,
@@ -550,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
goto out;
length = -EFBIG;
- if (count > 64 * 1024 * 1024)
+ if (count > SEL_LOAD_MAX)
goto out;
length = -ENOMEM;
--
2.17.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] selinux: improve performance of sel_write_load()
2019-09-17 7:20 [PATCH] selinux: improve performance of sel_write_load() zhanglin
@ 2019-09-18 12:28 ` Stephen Smalley
0 siblings, 0 replies; 2+ messages in thread
From: Stephen Smalley @ 2019-09-18 12:28 UTC (permalink / raw)
To: zhanglin, paul; +Cc: eparis, selinux, xue.zhihong, wang.yi59, jiang.xuexin
On 9/17/19 3:20 AM, zhanglin wrote:
> remove unecessary multiplications of sel_write_load().
I'm not sure it is really a performance improvement since the compiler
generates the same code (at least on x86_64). I'm wondering though
whether we still need this check at all. It was originally patterned
after a similar check for loading kernel modules, which was removed in
f946eeb9313ff147075 ("module: Remove module size limit").
>
> Signed-off-by: zhanglin <zhang.lin16@zte.com.cn>
> ---
> security/selinux/selinuxfs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
> index f3a5a138a096..4b2d87b6fcf9 100644
> --- a/security/selinux/selinuxfs.c
> +++ b/security/selinux/selinuxfs.c
> @@ -117,6 +117,7 @@ static void selinux_fs_info_free(struct super_block *sb)
> #define SEL_CLASS_INO_OFFSET 0x04000000
> #define SEL_POLICYCAP_INO_OFFSET 0x08000000
> #define SEL_INO_MASK 0x00ffffff
> +#define SEL_LOAD_MAX 0x04000000
>
> #define TMPBUFLEN 12
> static ssize_t sel_read_enforce(struct file *filp, char __user *buf,
> @@ -550,7 +551,7 @@ static ssize_t sel_write_load(struct file *file, const char __user *buf,
> goto out;
>
> length = -EFBIG;
> - if (count > 64 * 1024 * 1024)
> + if (count > SEL_LOAD_MAX)
> goto out;
>
> length = -ENOMEM;
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-09-18 12:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-17 7:20 [PATCH] selinux: improve performance of sel_write_load() zhanglin
2019-09-18 12:28 ` Stephen Smalley
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).