diff options
| author | Pavel Emelyanov <xemul@openvz.org> | 2008-06-06 01:46:26 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-06-06 14:29:11 -0400 |
| commit | cc9cb219aac24ffc711566c8f372c2b3a3bf840f (patch) | |
| tree | efa678227596922a00b2a7744c33707041c78316 /security | |
| parent | b66862f7663332aa1ecb3ebda4086360ddb8befc (diff) | |
devscgroup: relax task to dev_cgroup conversion
Two functions, that need to get a device_cgroup from a task (they are
devcgroup_inode_permission and devcgroup_inode_mknod) make it in a strange
way:
They get a css_set from task, then a subsys_state from css_set, then a
cgroup from the state and then a subsys_state again from the cgroup.
Besides, the devices_subsys_id is read from memory, whilst there's a
enum-ed constant for it.
Optimize this part a bit:
1. Get the subsys_stats form the task and be done - no 2 extra
dereferences,
2. Use the device_subsys_id constant, not the value from memory
(i.e. one less dereference).
Found while preparing 2.6.26 OpenVZ port.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: Paul Menage <menage@google.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Chris Wright <chrisw@sous-sol.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/device_cgroup.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/security/device_cgroup.c b/security/device_cgroup.c index 15f2f8003ba3..f9941a769738 100644 --- a/security/device_cgroup.c +++ b/security/device_cgroup.c | |||
| @@ -506,7 +506,6 @@ struct cgroup_subsys devices_subsys = { | |||
| 506 | 506 | ||
| 507 | int devcgroup_inode_permission(struct inode *inode, int mask) | 507 | int devcgroup_inode_permission(struct inode *inode, int mask) |
| 508 | { | 508 | { |
| 509 | struct cgroup *cgroup; | ||
| 510 | struct dev_cgroup *dev_cgroup; | 509 | struct dev_cgroup *dev_cgroup; |
| 511 | struct dev_whitelist_item *wh; | 510 | struct dev_whitelist_item *wh; |
| 512 | 511 | ||
| @@ -515,8 +514,8 @@ int devcgroup_inode_permission(struct inode *inode, int mask) | |||
| 515 | return 0; | 514 | return 0; |
| 516 | if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) | 515 | if (!S_ISBLK(inode->i_mode) && !S_ISCHR(inode->i_mode)) |
| 517 | return 0; | 516 | return 0; |
| 518 | cgroup = task_cgroup(current, devices_subsys.subsys_id); | 517 | dev_cgroup = css_to_devcgroup(task_subsys_state(current, |
| 519 | dev_cgroup = cgroup_to_devcgroup(cgroup); | 518 | devices_subsys_id)); |
| 520 | if (!dev_cgroup) | 519 | if (!dev_cgroup) |
| 521 | return 0; | 520 | return 0; |
| 522 | 521 | ||
| @@ -547,12 +546,11 @@ acc_check: | |||
| 547 | 546 | ||
| 548 | int devcgroup_inode_mknod(int mode, dev_t dev) | 547 | int devcgroup_inode_mknod(int mode, dev_t dev) |
| 549 | { | 548 | { |
| 550 | struct cgroup *cgroup; | ||
| 551 | struct dev_cgroup *dev_cgroup; | 549 | struct dev_cgroup *dev_cgroup; |
| 552 | struct dev_whitelist_item *wh; | 550 | struct dev_whitelist_item *wh; |
| 553 | 551 | ||
| 554 | cgroup = task_cgroup(current, devices_subsys.subsys_id); | 552 | dev_cgroup = css_to_devcgroup(task_subsys_state(current, |
| 555 | dev_cgroup = cgroup_to_devcgroup(cgroup); | 553 | devices_subsys_id)); |
| 556 | if (!dev_cgroup) | 554 | if (!dev_cgroup) |
| 557 | return 0; | 555 | return 0; |
| 558 | 556 | ||