diff options
| author | Eric Dumazet <edumazet@google.com> | 2015-03-20 20:15:19 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2015-03-20 21:36:53 -0400 |
| commit | d3593b5cef76db45c864de23c599b58198879e8c (patch) | |
| tree | 42f490bda04e13334233dae5b6039fdd8eae4d2b /security/capability.c | |
| parent | f6877fcf229b4e3d396cbd5199e040b4ea1362eb (diff) | |
Revert "selinux: add a skb_owned_by() hook"
This reverts commit ca10b9e9a8ca7342ee07065289cbe74ac128c169.
No longer needed after commit eb8895debe1baba41fcb62c78a16f0c63c21662a
("tcp: tcp_make_synack() should use sock_wmalloc")
When under SYNFLOOD, we build lot of SYNACK and hit false sharing
because of multiple modifications done on sk_listener->sk_wmem_alloc
Since tcp_make_synack() uses sock_wmalloc(), there is no need
to call skb_set_owner_w() again, as this adds two atomic operations.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/capability.c')
| -rw-r--r-- | security/capability.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/security/capability.c b/security/capability.c index 070dd46f62f4..58a1600c149b 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -776,11 +776,6 @@ static int cap_tun_dev_open(void *security) | |||
| 776 | { | 776 | { |
| 777 | return 0; | 777 | return 0; |
| 778 | } | 778 | } |
| 779 | |||
| 780 | static void cap_skb_owned_by(struct sk_buff *skb, struct sock *sk) | ||
| 781 | { | ||
| 782 | } | ||
| 783 | |||
| 784 | #endif /* CONFIG_SECURITY_NETWORK */ | 779 | #endif /* CONFIG_SECURITY_NETWORK */ |
| 785 | 780 | ||
| 786 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 781 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| @@ -1134,7 +1129,6 @@ void __init security_fixup_ops(struct security_operations *ops) | |||
| 1134 | set_to_cap_if_null(ops, tun_dev_open); | 1129 | set_to_cap_if_null(ops, tun_dev_open); |
| 1135 | set_to_cap_if_null(ops, tun_dev_attach_queue); | 1130 | set_to_cap_if_null(ops, tun_dev_attach_queue); |
| 1136 | set_to_cap_if_null(ops, tun_dev_attach); | 1131 | set_to_cap_if_null(ops, tun_dev_attach); |
| 1137 | set_to_cap_if_null(ops, skb_owned_by); | ||
| 1138 | #endif /* CONFIG_SECURITY_NETWORK */ | 1132 | #endif /* CONFIG_SECURITY_NETWORK */ |
| 1139 | #ifdef CONFIG_SECURITY_NETWORK_XFRM | 1133 | #ifdef CONFIG_SECURITY_NETWORK_XFRM |
| 1140 | set_to_cap_if_null(ops, xfrm_policy_alloc_security); | 1134 | set_to_cap_if_null(ops, xfrm_policy_alloc_security); |