- More fixes for translation cache
- Upgrade to latest from NSA Added matchpathcon_fini() function to free memory allocated by matchpathcon_init().
This commit is contained in:
parent
b71bf0b207
commit
8f927c4a9f
@ -82,3 +82,4 @@ libselinux-1.30.3.tgz
|
|||||||
libselinux-1.30.5.tgz
|
libselinux-1.30.5.tgz
|
||||||
libselinux-1.30.6.tgz
|
libselinux-1.30.6.tgz
|
||||||
libselinux-1.30.7.tgz
|
libselinux-1.30.7.tgz
|
||||||
|
libselinux-1.30.8.tgz
|
||||||
|
@ -1,6 +1,159 @@
|
|||||||
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/avcstat.c libselinux-1.30.6/utils/avcstat.c
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/init.c libselinux-1.30.7/src/init.c
|
||||||
--- nsalibselinux/utils/avcstat.c 2005-05-19 15:24:25.000000000 -0400
|
--- nsalibselinux/src/init.c 2006-05-15 09:43:24.000000000 -0400
|
||||||
+++ libselinux-1.30.6/utils/avcstat.c 2006-05-09 15:09:13.000000000 -0400
|
+++ libselinux-1.30.7/src/init.c 2006-05-17 13:57:29.000000000 -0400
|
||||||
|
@@ -78,21 +78,17 @@
|
||||||
|
}
|
||||||
|
hidden_def(set_selinuxmnt)
|
||||||
|
|
||||||
|
-static void init_translations(void)
|
||||||
|
-{
|
||||||
|
- init_context_translations();
|
||||||
|
-}
|
||||||
|
-
|
||||||
|
static void init_lib(void) __attribute__ ((constructor));
|
||||||
|
static void init_lib(void)
|
||||||
|
{
|
||||||
|
selinux_page_size = sysconf(_SC_PAGE_SIZE);
|
||||||
|
init_selinuxmnt();
|
||||||
|
- init_translations();
|
||||||
|
+ init_context_translations();
|
||||||
|
}
|
||||||
|
|
||||||
|
static void fini_lib(void) __attribute__ ((destructor));
|
||||||
|
static void fini_lib(void)
|
||||||
|
{
|
||||||
|
fini_selinuxmnt();
|
||||||
|
+ fini_context_translations();
|
||||||
|
}
|
||||||
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_config.c libselinux-1.30.7/src/selinux_config.c
|
||||||
|
--- nsalibselinux/src/selinux_config.c 2006-05-15 09:43:24.000000000 -0400
|
||||||
|
+++ libselinux-1.30.7/src/selinux_config.c 2006-05-17 14:31:07.000000000 -0400
|
||||||
|
@@ -17,6 +17,7 @@
|
||||||
|
#define SELINUXTAG "SELINUX="
|
||||||
|
#define SETLOCALDEFS "SETLOCALDEFS="
|
||||||
|
#define REQUIRESEUSERS "REQUIRESEUSERS="
|
||||||
|
+#define CACHETRANSTAG "CACHETRANS="
|
||||||
|
|
||||||
|
/* Indices for file paths arrays. */
|
||||||
|
#define BINPOLICY 0
|
||||||
|
@@ -175,6 +176,10 @@
|
||||||
|
sizeof(REQUIRESEUSERS)-1)) {
|
||||||
|
value = buf_p + sizeof(REQUIRESEUSERS)-1;
|
||||||
|
intptr = &require_seusers;
|
||||||
|
+ } else if (!strncmp(buf_p, CACHETRANSTAG,
|
||||||
|
+ sizeof(CACHETRANSTAG)-1)) {
|
||||||
|
+ value = buf_p + sizeof(CACHETRANSTAG)-1;
|
||||||
|
+ intptr = &cache_trans;
|
||||||
|
} else {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinux_internal.h libselinux-1.30.7/src/selinux_internal.h
|
||||||
|
--- nsalibselinux/src/selinux_internal.h 2006-05-15 09:43:24.000000000 -0400
|
||||||
|
+++ libselinux-1.30.7/src/selinux_internal.h 2006-05-17 14:05:25.000000000 -0400
|
||||||
|
@@ -70,3 +70,4 @@
|
||||||
|
extern int load_setlocaldefs hidden;
|
||||||
|
extern int require_seusers hidden;
|
||||||
|
extern int selinux_page_size hidden;
|
||||||
|
+extern int cache_trans hidden;
|
||||||
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_client.c libselinux-1.30.7/src/setrans_client.c
|
||||||
|
--- nsalibselinux/src/setrans_client.c 2006-05-16 20:43:27.000000000 -0400
|
||||||
|
+++ libselinux-1.30.7/src/setrans_client.c 2006-05-17 18:17:41.000000000 -0400
|
||||||
|
@@ -16,6 +16,13 @@
|
||||||
|
#include "selinux_internal.h"
|
||||||
|
#include "setrans_internal.h"
|
||||||
|
|
||||||
|
+// Simple cache
|
||||||
|
+static __thread security_context_t prev_t2r_trans=NULL;
|
||||||
|
+static __thread security_context_t prev_t2r_raw=NULL;
|
||||||
|
+static __thread security_context_t prev_r2t_trans=NULL;
|
||||||
|
+static __thread security_context_t prev_r2t_raw=NULL;
|
||||||
|
+
|
||||||
|
+int cache_trans hidden = 1;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* setransd_open
|
||||||
|
@@ -193,6 +200,17 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
+hidden void
|
||||||
|
+fini_context_translations(void)
|
||||||
|
+{
|
||||||
|
+ if (cache_trans) {
|
||||||
|
+ free(prev_r2t_trans);
|
||||||
|
+ free(prev_r2t_raw);
|
||||||
|
+ free(prev_t2r_trans);
|
||||||
|
+ free(prev_t2r_raw);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
hidden int
|
||||||
|
init_context_translations(void)
|
||||||
|
{
|
||||||
|
@@ -225,9 +243,24 @@
|
||||||
|
*rawp = NULL;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
+ if (cache_trans) {
|
||||||
|
+ if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
|
||||||
|
+ *rawp=strdup(prev_t2r_raw);
|
||||||
|
+ } else {
|
||||||
|
+ free(prev_t2r_trans); prev_t2r_trans = NULL;
|
||||||
|
+ free(prev_t2r_raw); prev_t2r_raw = NULL;
|
||||||
|
+ if (trans_to_raw_context(trans, rawp))
|
||||||
|
+ *rawp = strdup(trans);
|
||||||
|
+ if (*rawp) {
|
||||||
|
+ prev_t2r_trans=strdup(trans);
|
||||||
|
+ prev_t2r_raw=strdup(*rawp);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ if (trans_to_raw_context(trans, rawp))
|
||||||
|
+ *rawp = strdup(trans);
|
||||||
|
|
||||||
|
- if (trans_to_raw_context(trans, rawp))
|
||||||
|
- *rawp = strdup(trans);
|
||||||
|
return *rawp ? 0 : -1;
|
||||||
|
}
|
||||||
|
hidden_def(selinux_trans_to_raw_context)
|
||||||
|
@@ -240,8 +273,23 @@
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (raw_to_trans_context(raw, transp))
|
||||||
|
- *transp = strdup(raw);
|
||||||
|
+ if (cache_trans) {
|
||||||
|
+ if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
|
||||||
|
+ *transp=strdup(prev_r2t_trans);
|
||||||
|
+ } else {
|
||||||
|
+ free(prev_r2t_raw); prev_r2t_raw = NULL;
|
||||||
|
+ free(prev_r2t_trans); prev_r2t_trans = NULL;
|
||||||
|
+ if (raw_to_trans_context(raw, transp))
|
||||||
|
+ *transp = strdup(raw);
|
||||||
|
+ if (*transp) {
|
||||||
|
+ prev_r2t_raw=strdup(raw);
|
||||||
|
+ prev_r2t_trans=strdup(*transp);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ if (raw_to_trans_context(raw, transp))
|
||||||
|
+ *transp = strdup(raw);
|
||||||
|
|
||||||
|
return *transp ? 0 : -1;
|
||||||
|
}
|
||||||
|
diff --exclude-from=exclude -N -u -r nsalibselinux/src/setrans_internal.h libselinux-1.30.7/src/setrans_internal.h
|
||||||
|
--- nsalibselinux/src/setrans_internal.h 2006-05-16 20:43:27.000000000 -0400
|
||||||
|
+++ libselinux-1.30.7/src/setrans_internal.h 2006-05-17 14:07:34.000000000 -0400
|
||||||
|
@@ -8,3 +8,4 @@
|
||||||
|
#define MAX_DATA_BUF 8192
|
||||||
|
|
||||||
|
extern int init_context_translations(void);
|
||||||
|
+extern void fini_context_translations(void);
|
||||||
|
diff --exclude-from=exclude -N -u -r nsalibselinux/utils/avcstat.c libselinux-1.30.7/utils/avcstat.c
|
||||||
|
--- nsalibselinux/utils/avcstat.c 2006-05-15 09:43:20.000000000 -0400
|
||||||
|
+++ libselinux-1.30.7/utils/avcstat.c 2006-05-17 06:18:39.000000000 -0400
|
||||||
@@ -27,12 +27,12 @@
|
@@ -27,12 +27,12 @@
|
||||||
#define HEADERS "lookups hits misses allocations reclaims frees"
|
#define HEADERS "lookups hits misses allocations reclaims frees"
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
%define libsepolver 1.12.6-1
|
%define libsepolver 1.12.10-1
|
||||||
Summary: SELinux library and simple utilities
|
Summary: SELinux library and simple utilities
|
||||||
Name: libselinux
|
Name: libselinux
|
||||||
Version: 1.30.7
|
Version: 1.30.8
|
||||||
Release: 1
|
Release: 1
|
||||||
License: Public domain (uncopyrighted)
|
License: Public domain (uncopyrighted)
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
@ -111,6 +111,15 @@ exit 0
|
|||||||
%{_libdir}/python*/site-packages/selinux.py*
|
%{_libdir}/python*/site-packages/selinux.py*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu May 18 2006 Dan Walsh <dwalsh@redhat.com> 1.30.8-1
|
||||||
|
- More fixes for translation cache
|
||||||
|
- Upgrade to latest from NSA
|
||||||
|
* Added matchpathcon_fini() function to free memory allocated by
|
||||||
|
matchpathcon_init().
|
||||||
|
|
||||||
|
* Wed May 17 2006 Dan Walsh <dwalsh@redhat.com> 1.30.7-2
|
||||||
|
- Add simple cache to improve translation speed
|
||||||
|
|
||||||
* Tue May 16 2006 Dan Walsh <dwalsh@redhat.com> 1.30.7-1
|
* Tue May 16 2006 Dan Walsh <dwalsh@redhat.com> 1.30.7-1
|
||||||
- Upgrade to latest from NSA
|
- Upgrade to latest from NSA
|
||||||
* Merged setrans client cleanup patch from Steve Grubb.
|
* Merged setrans client cleanup patch from Steve Grubb.
|
||||||
|
Loading…
Reference in New Issue
Block a user