aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2011-05-20 00:22:53 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2011-05-20 00:22:53 -0400
commit257313b2a87795e07a0bdf58d0fffbdba8b31051 (patch)
treeff5043526b0381cdc1f1f68d3c6f8ed3635e0ddb /security
parent044aea9b83614948c98564000db07d1d32b2d29b (diff)
selinux: avoid unnecessary avc cache stat hit count
There is no point in counting hits - we can calculate it from the number of lookups and misses. This makes the avc statistics a bit smaller, and makes the code generation better too. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/avc.c9
-rw-r--r--security/selinux/include/avc.h1
-rw-r--r--security/selinux/selinuxfs.c10
3 files changed, 11 insertions, 9 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 5971e30e8239..3d2715fd35ea 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -343,11 +343,10 @@ static struct avc_node *avc_lookup(u32 ssid, u32 tsid, u16 tclass)
343 node = avc_search_node(ssid, tsid, tclass); 343 node = avc_search_node(ssid, tsid, tclass);
344 344
345 if (node) 345 if (node)
346 avc_cache_stats_incr(hits); 346 return node;
347 else
348 avc_cache_stats_incr(misses);
349 347
350 return node; 348 avc_cache_stats_incr(misses);
349 return NULL;
351} 350}
352 351
353static int avc_latest_notif_update(int seqno, int is_insert) 352static int avc_latest_notif_update(int seqno, int is_insert)
@@ -765,7 +764,7 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
765 rcu_read_lock(); 764 rcu_read_lock();
766 765
767 node = avc_lookup(ssid, tsid, tclass); 766 node = avc_lookup(ssid, tsid, tclass);
768 if (!node) { 767 if (unlikely(!node)) {
769 rcu_read_unlock(); 768 rcu_read_unlock();
770 769
771 if (in_avd) 770 if (in_avd)
diff --git a/security/selinux/include/avc.h b/security/selinux/include/avc.h
index e77b2ac2908b..47fda963495d 100644
--- a/security/selinux/include/avc.h
+++ b/security/selinux/include/avc.h
@@ -41,7 +41,6 @@ struct sk_buff;
41 */ 41 */
42struct avc_cache_stats { 42struct avc_cache_stats {
43 unsigned int lookups; 43 unsigned int lookups;
44 unsigned int hits;
45 unsigned int misses; 44 unsigned int misses;
46 unsigned int allocations; 45 unsigned int allocations;
47 unsigned int reclaims; 46 unsigned int reclaims;
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index ea39cb742ae5..c0e1a0f52462 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -1380,10 +1380,14 @@ static int sel_avc_stats_seq_show(struct seq_file *seq, void *v)
1380 if (v == SEQ_START_TOKEN) 1380 if (v == SEQ_START_TOKEN)
1381 seq_printf(seq, "lookups hits misses allocations reclaims " 1381 seq_printf(seq, "lookups hits misses allocations reclaims "
1382 "frees\n"); 1382 "frees\n");
1383 else 1383 else {
1384 seq_printf(seq, "%u %u %u %u %u %u\n", st->lookups, 1384 unsigned int lookups = st->lookups;
1385 st->hits, st->misses, st->allocations, 1385 unsigned int misses = st->misses;
1386 unsigned int hits = lookups - misses;
1387 seq_printf(seq, "%u %u %u %u %u %u\n", lookups,
1388 hits, misses, st->allocations,
1386 st->reclaims, st->frees); 1389 st->reclaims, st->frees);
1390 }
1387 return 0; 1391 return 0;
1388} 1392}
1389 1393