selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [RFC][PATCH] selinux: convert range transition lis

Re: [RFC][PATCH] selinux: convert range transition list to a hashtab

From: James Morris <jmorris_at_nospam>
Date: Sun Jan 24 2010 - 22:23:12 GMT
To: Stephen Smalley <sds@tycho.nsa.gov>


On Thu, 7 Jan 2010, Stephen Smalley wrote:

> Per https://bugzilla.redhat.com/show_bug.cgi?id=548145
> there are sufficient range transition rules in modern (Fedora) policy to
> make mls_compute_sid a significant factor on the shmem file setup path
> due to the length of the range_tr list. Replace the simple range_tr
> list with a hashtab inside the security server to help mitigate this
> problem.
>
> Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next

Looks ok to me, and will get more testing in next. -- James Morris <jmorris@namei.org> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.