Expand all compile-time generated attributes

Cutting down on the number of attributes associated with each type
speeds up policy lookup times when there is an access vector cache
miss.

This commit reduces the number of attributes in the policy binary from
607 to 159.

(cherry-pick of commit: 574926fe67)

Bug: 36508258
Test: build and boot Marlin
Change-Id: I42c778fe9e760abf62d4ec1f7b7e748e28ac5497
Jeff Vander Stoep 2017-05-25 13:13:29 -07:00 committed by Dan Cashman
parent 8f76b0cd3e
commit d47503f8dc
2 changed files with 38 additions and 0 deletions


@ -780,6 +780,7 @@ exit:
static int cil_build_mappings_tree(hashtab_key_t k, hashtab_datum_t d, void *args)
{
struct cil_typeattributeset *attrset = NULL;
struct cil_expandtypeattribute *expandattr = NULL;
struct cil_tree_node *ast_node = NULL;
struct version_args *verargs = (struct version_args *)args;
struct cil_tree_node *ast_parent = verargs->db->ast->root;
@ -808,6 +809,22 @@ static int cil_build_mappings_tree(hashtab_key_t k, hashtab_datum_t d, void *arg
else
ast_parent->cl_tail->next = ast_node;
ast_parent->cl_tail = ast_node;
/* create expandtypeattribute datum */
cil_expandtypeattribute_init(&expandattr);
cil_list_init(&expandattr->attr_strs, CIL_TYPE);
cil_list_append(expandattr->attr_strs, CIL_STRING, __cil_attrib_get_versname(orig_type, verargs->num));
expandattr->expand = CIL_TRUE;
/* create containing tree node */
cil_tree_node_init(&ast_node);
ast_node->data = expandattr;
ast_node->flavor = CIL_EXPANDTYPEATTRIBUTE;
/* add to tree */
ast_node->parent = ast_parent;
ast_parent->cl_tail->next = ast_node;
ast_parent->cl_tail = ast_node;
return SEPOL_OK;
}
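Review bot: The block added under `/* create expandtypeattribute datum */` does not say why `expandattr->expand` is forced to `CIL_TRUE` for every versioned attribute. That is a policy-wide decision: an expanded attribute no longer appears as an attribute in the policy binary, so anything that later looks these names up in the compiled policy would presumably stop finding them. A comment at that spot would help, for example `/* generated at compile time; always expand so the versioned attribute is not kept in the policy binary */`. The hunk also does not show who owns the string returned by `__cil_attrib_get_versname(orig_type, verargs->num)`. If the same name is already computed earlier in `cil_build_mappings_tree`, whose body starts outside this hunk, reusing that value would make the ownership clear.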


@ -652,6 +652,24 @@ exit:
return rc;
}
static int cil_write_expandtypeattribute(struct cil_tree_node *node, FILE *cil_out)
{
int rc = SEPOL_ERR;
char *attr_strs = NULL;
struct cil_expandtypeattribute *expandattr = (struct cil_expandtypeattribute *)node->data;
rc = cil_unfill_expr(expandattr->attr_strs, &attr_strs, 1);
if (rc != SEPOL_OK)
goto exit;
fprintf(cil_out, "(%s %s %s)\n", CIL_KEY_EXPANDTYPEATTRIBUTE, attr_strs,
expandattr->expand ? CIL_KEY_CONDTRUE : CIL_KEY_CONDFALSE);
rc = SEPOL_OK;
exit:
free(attr_strs);
return rc;
}
static int cil_write_alias(struct cil_tree_node *node, FILE *cil_out) {
int rc = SEPOL_ERR;
char *type;
@ -1259,6 +1277,9 @@ static int __cil_write_node_helper(struct cil_tree_node *node, uint32_t *finishe
case CIL_TYPEATTRIBUTESET:
rc = cil_write_typeattributeset(node, cil_out);
break;
case CIL_EXPANDTYPEATTRIBUTE:
rc = cil_write_expandtypeattribute(node, cil_out);
break;
case CIL_TYPEALIAS:
rc = cil_write_alias(node, cil_out);
break;
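Review bot: The `fprintf` call in `cil_write_expandtypeattribute` is not checked, so a failed write to `cil_out` still falls through to `rc = SEPOL_OK;` and the caller sees success even though the statement is missing from the output. Testing the result would close that gap, for example `if (fprintf(cil_out, ...) < 0) { rc = SEPOL_ERR; goto exit; }` placed before the `rc = SEPOL_OK;` line. The literal `1` passed as the third argument to `cil_unfill_expr` deserves a short comment, because its meaning cannot be read from this hunk. Only the first lines of `cil_write_alias` are visible as context, so whether the neighbouring writers check their output cannot be confirmed from here.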