[PATCH] Audit Filter Performance

While testing the watch performance, I noticed that selinux_task_ctxid()
was creeping into the results more than it should. Investigation showed
that the function call was being called whether it was needed or not. The
below patch fixes this.

Signed-off-by: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

1 files changed, 7 insertions, 4 deletions

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a300736ee037..1c03a4ed1b27 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -168,11 +168,9 @@ static int audit_filter_rules(struct task_struct *tsk,
                               struct audit_context *ctx,
                               enum audit_state *state)
 {
-        int i, j;
+        int i, j, need_sid = 1;
         u32 sid;
 
-        selinux_task_ctxid(tsk, &sid);
-
         for (i = 0; i < rule->field_count; i++) {
                 struct audit_field *f = &rule->fields[i];
                 int result = 0;
@@ -271,11 +269,16 @@ static int audit_filter_rules(struct task_struct *tsk,
                            match for now to avoid losing information that
                            may be wanted.   An error message will also be
                            logged upon error */
-                        if (f->se_rule)
+                        if (f->se_rule) {
+                                if (need_sid) {
+                                        selinux_task_ctxid(tsk, &sid);
+                                        need_sid = 0;
+                                }
                                 result = selinux_audit_rule_match(sid, f->type,
                                                                   f->op,
                                                                   f->se_rule,
                                                                   ctx);
+                        }
                         break;
                 case AUDIT_ARG0:
                 case AUDIT_ARG1: