selinux: convert range transition list to a hashtab Per https://bugzilla.redhat.com/show_bug.cgi?id=548145 there are sufficient range transition rules in modern (Fedora) policy to make mls_compute_sid a significant factor on the shmem file setup path due to the length of the range_tr list. Replace the simple range_tr list with a hashtab inside the security server to help mitigate this problem. Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>

commit: 2f3e82d694d3d7a2db019db1bb63385fbc1066f3 [log] [tgz]
author: Stephen Smalley <sds@tycho.nsa.gov> Thu Jan 07 15:55:16 2010 -0500
committer: James Morris <jmorris@namei.org> Mon Jan 25 08:29:05 2010 +1100
tree: 9d99a883eb2ab097a3ff1ee4e1c9bf2fa851d832
parent: 2457552d1e6f3183cd93f81c49a8da5fe8bb0e42 [diff] [blame]
diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h
index cdcc570..193736b 100644
--- a/security/selinux/ss/policydb.h
+++ b/security/selinux/ss/policydb.h

@@ -113,8 +113,6 @@
 	u32 source_type;
 	u32 target_type;
 	u32 target_class;
-	struct mls_range target_range;
-	struct range_trans *next;
 };
 
 /* Boolean data type */
@@ -240,8 +238,8 @@
 	   fixed labeling behavior. */
 	struct genfs *genfs;
 
-	/* range transitions */
-	struct range_trans *range_tr;
+	/* range transitions table (range_trans_key -> mls_range) */
+	struct hashtab *range_tr;
 
 	/* type -> attribute reverse mapping */
 	struct ebitmap *type_attr_map;
commit	2f3e82d694d3d7a2db019db1bb63385fbc1066f3	[log] [tgz]
author	Stephen Smalley <sds@tycho.nsa.gov>	Thu Jan 07 15:55:16 2010 -0500
committer	James Morris <jmorris@namei.org>	Mon Jan 25 08:29:05 2010 +1100
tree	9d99a883eb2ab097a3ff1ee4e1c9bf2fa851d832
parent	2457552d1e6f3183cd93f81c49a8da5fe8bb0e42 [diff] [blame]