diff options
| author | Eric Paris <eparis@redhat.com> | 2009-02-12 14:50:54 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2009-02-13 17:23:08 -0500 |
| commit | f1c6381a6e337adcecf84be2a838bd9e610e2365 (patch) | |
| tree | a6e0857db27a38b0976fb422836f9443241b4b61 /security/selinux/include/security.h | |
| parent | 21193dcd1f3570ddfd8a04f4465e484c1f94252f (diff) | |
SELinux: remove unused av.decided field
It appears there was an intention to have the security server only decide
certain permissions and leave other for later as some sort of a portential
performance win. We are currently always deciding all 32 bits of
permissions and this is a useless couple of branches and wasted space.
This patch completely drops the av.decided concept.
This in a 17% reduction in the time spent in avc_has_perm_noaudit
based on oprofile sampling of a tbench benchmark.
Signed-off-by: Eric Paris <eparis@redhat.com>
Reviewed-by: Paul Moore <paul.moore@hp.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include/security.h')
| -rw-r--r-- | security/selinux/include/security.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h index e1d9db779983..5c3434f7626f 100644 --- a/security/selinux/include/security.h +++ b/security/selinux/include/security.h | |||
| @@ -88,7 +88,6 @@ int security_policycap_supported(unsigned int req_cap); | |||
| 88 | #define SEL_VEC_MAX 32 | 88 | #define SEL_VEC_MAX 32 |
| 89 | struct av_decision { | 89 | struct av_decision { |
| 90 | u32 allowed; | 90 | u32 allowed; |
| 91 | u32 decided; | ||
| 92 | u32 auditallow; | 91 | u32 auditallow; |
| 93 | u32 auditdeny; | 92 | u32 auditdeny; |
| 94 | u32 seqno; | 93 | u32 seqno; |