summaryrefslogtreecommitdiffstats
path: root/security/selinux/selinuxfs.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-02-12 20:50:54 +0100
committerJames Morris <jmorris@namei.org>2009-02-13 23:23:08 +0100
commitf1c6381a6e337adcecf84be2a838bd9e610e2365 (patch)
treea6e0857db27a38b0976fb422836f9443241b4b61 /security/selinux/selinuxfs.c
parentSELinux: more careful use of avd in avc_has_perm_noaudit (diff)
downloadlinux-f1c6381a6e337adcecf84be2a838bd9e610e2365.tar.xz
linux-f1c6381a6e337adcecf84be2a838bd9e610e2365.zip
SELinux: remove unused av.decided field
It appears there was an intention to have the security server only decide certain permissions and leave other for later as some sort of a portential performance win. We are currently always deciding all 32 bits of permissions and this is a useless couple of branches and wasted space. This patch completely drops the av.decided concept. This in a 17% reduction in the time spent in avc_has_perm_noaudit based on oprofile sampling of a tbench benchmark. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/selinuxfs.c')
-rw-r--r--security/selinux/selinuxfs.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c
index 01ec6d2c6b97..d3c8b982cfb0 100644
--- a/security/selinux/selinuxfs.c
+++ b/security/selinux/selinuxfs.c
@@ -595,7 +595,7 @@ static ssize_t sel_write_access(struct file *file, char *buf, size_t size)
length = scnprintf(buf, SIMPLE_TRANSACTION_LIMIT,
"%x %x %x %x %u",
- avd.allowed, avd.decided,
+ avd.allowed, 0xffffffff,
avd.auditallow, avd.auditdeny,
avd.seqno);
out2: