aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/include
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-02-12 14:50:54 -0500
committerJames Morris <jmorris@namei.org>2009-02-13 17:23:08 -0500
commitf1c6381a6e337adcecf84be2a838bd9e610e2365 (patch)
treea6e0857db27a38b0976fb422836f9443241b4b61 /security/selinux/include
parent21193dcd1f3570ddfd8a04f4465e484c1f94252f (diff)
SELinux: remove unused av.decided field
It appears there was an intention to have the security server only decide certain permissions and leave other for later as some sort of a portential performance win. We are currently always deciding all 32 bits of permissions and this is a useless couple of branches and wasted space. This patch completely drops the av.decided concept. This in a 17% reduction in the time spent in avc_has_perm_noaudit based on oprofile sampling of a tbench benchmark. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/include')
-rw-r--r--security/selinux/include/security.h1
1 files changed, 0 insertions, 1 deletions
diff --git a/security/selinux/include/security.h b/security/selinux/include/security.h
index e1d9db779983..5c3434f7626f 100644
--- a/security/selinux/include/security.h
+++ b/security/selinux/include/security.h
@@ -88,7 +88,6 @@ int security_policycap_supported(unsigned int req_cap);
88#define SEL_VEC_MAX 32 88#define SEL_VEC_MAX 32
89struct av_decision { 89struct av_decision {
90 u32 allowed; 90 u32 allowed;
91 u32 decided;
92 u32 auditallow; 91 u32 auditallow;
93 u32 auditdeny; 92 u32 auditdeny;
94 u32 seqno; 93 u32 seqno;