selinux: convert range transition list to a hashtab

Per https://bugzilla.redhat.com/show_bug.cgi?id=548145 there are sufficient range transition rules in modern (Fedora) policy to make mls_compute_sid a significant factor on the shmem file setup path due to the length of the range_tr list. Replace the simple range_tr list with a hashtab inside the security server to help mitigate this problem. Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
author: Stephen Smalley <sds@tycho.nsa.gov> 2010-01-07 15:55:16 -0500
committer: James Morris <jmorris@namei.org> 2010-01-24 16:29:05 -0500
commit: 2f3e82d694d3d7a2db019db1bb63385fbc1066f3 (patch)
tree: 9d99a883eb2ab097a3ff1ee4e1c9bf2fa851d832 /security/selinux/ss/policydb.h
parent: 2457552d1e6f3183cd93f81c49a8da5fe8bb0e42 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h
index cdcc5700946f..193736b64de8 100644
--- a/security/selinux/ss/policydb.h
+++ b/security/selinux/ss/policydb.h
@@ -113,8 +113,6 @@ struct range_trans {
        u32 source_type;
        u32 target_type;
        u32 target_class;
-        struct mls_range target_range;
-        struct range_trans *next;
 };
 /* Boolean data type */
@@ -240,8 +238,8 @@ struct policydb {
           fixed labeling behavior. */
        struct genfs *genfs;
-        /* range transitions */
+        /* range transitions table (range_trans_key -> mls_range) */
-        struct range_trans *range_tr;
+        struct hashtab *range_tr;
        /* type -> attribute reverse mapping */
        struct ebitmap *type_attr_map;
author	Stephen Smalley <sds@tycho.nsa.gov>	2010-01-07 15:55:16 -0500
committer	James Morris <jmorris@namei.org>	2010-01-24 16:29:05 -0500
commit	2f3e82d694d3d7a2db019db1bb63385fbc1066f3 (patch)
tree	9d99a883eb2ab097a3ff1ee4e1c9bf2fa851d832 /security/selinux/ss/policydb.h
parent	2457552d1e6f3183cd93f81c49a8da5fe8bb0e42 (diff)