From: Tianjie Xu <xunchang@google.com>
To: selinux@vger.kernel.org
Subject: Re: Patch to the context lookup change
Date: Mon, 11 Mar 2019 12:36:26 -0700 [thread overview]
Message-ID: <CADBPxw5JFk625NBXauy+iLBU9fe5vQ8zSt83WONV4c-ViUd9DA@mail.gmail.com> (raw)
In-Reply-To: <CADBPxw6URXXxgsJUqpwGBQ+_oPffOAvfP0j2Rn0Vknk36wPrWA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1310 bytes --]
Hi there,
I recently made a change in android's selinux repo. The change
implements a new lookup helper function for context matches, and it
aims to skip unnecessary restorecon if the corresponding context
doesn't change.
Quote from the commit message. "We used to hash the file_context and
skip the restorecon on the top level directory if the hash doesn't
change. But the file_context might change after an OTA update; and
some users experienced long restorecon time as they have lots of files
under directories like /data/media. This CL tries to hash all the
partial match entries in the file_context for each directory; and
skips the restorecon if that digest stays the same, regardless of the
changes to the other parts of file_context."
CL in: https://android-review.googlesource.com/c/platform/external/selinux/+/918713
I haven't done the work in upstream code to fully implement this
change. But this CL merges and compiles. It factors out a lookup
helper function and returns an array of matched pointers instead of a
single one. The old loopup_common function is then modified to take
the first element in the array. I wonder if it's possible to merge in
this change to the lookup functions first? It will make the upstream &
android repo more consistent and also save some work for future
merges.
[-- Attachment #2: f69947c.diff --]
[-- Type: application/x-patch, Size: 6860 bytes --]
next prev parent reply other threads:[~2019-03-11 19:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CADBPxw7XyZdQsipF80cpcYu0h1XvJBhe5_MwndqqSBf5GCuFbQ@mail.gmail.com>
[not found] ` <CADBPxw62sgm3bYBhBg+pft45eT+k0K9MrrjTSF-DhV8iOPaing@mail.gmail.com>
2019-03-11 19:24 ` Patch to the context lookup change Stephen Smalley
[not found] ` <CADBPxw6URXXxgsJUqpwGBQ+_oPffOAvfP0j2Rn0Vknk36wPrWA@mail.gmail.com>
2019-03-11 19:36 ` Tianjie Xu [this message]
2019-03-11 20:12 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CADBPxw5JFk625NBXauy+iLBU9fe5vQ8zSt83WONV4c-ViUd9DA@mail.gmail.com \
--to=xunchang@google.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).