[PATCH] Audit Filter Performance
While testing the watch performance, I noticed that selinux_task_ctxid() was creeping into the results more than it should. Investigation showed that the function call was being called whether it was needed or not. The below patch fixes this. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
073115d6b2
commit
2ad312d209
|
@ -168,11 +168,9 @@ static int audit_filter_rules(struct task_struct *tsk,
|
|||
struct audit_context *ctx,
|
||||
enum audit_state *state)
|
||||
{
|
||||
int i, j;
|
||||
int i, j, need_sid = 1;
|
||||
u32 sid;
|
||||
|
||||
selinux_task_ctxid(tsk, &sid);
|
||||
|
||||
for (i = 0; i < rule->field_count; i++) {
|
||||
struct audit_field *f = &rule->fields[i];
|
||||
int result = 0;
|
||||
|
@ -271,11 +269,16 @@ static int audit_filter_rules(struct task_struct *tsk,
|
|||
match for now to avoid losing information that
|
||||
may be wanted. An error message will also be
|
||||
logged upon error */
|
||||
if (f->se_rule)
|
||||
if (f->se_rule) {
|
||||
if (need_sid) {
|
||||
selinux_task_ctxid(tsk, &sid);
|
||||
need_sid = 0;
|
||||
}
|
||||
result = selinux_audit_rule_match(sid, f->type,
|
||||
f->op,
|
||||
f->se_rule,
|
||||
ctx);
|
||||
}
|
||||
break;
|
||||
case AUDIT_ARG0:
|
||||
case AUDIT_ARG1:
|
||||
|
|
Loading…
Reference in New Issue