f1c6381a6e
It appears there was an intention to have the security server only decide certain permissions and leave other for later as some sort of a portential performance win. We are currently always deciding all 32 bits of permissions and this is a useless couple of branches and wasted space. This patch completely drops the av.decided concept. This in a 17% reduction in the time spent in avc_has_perm_noaudit based on oprofile sampling of a tbench benchmark. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> |
||
|---|---|---|
| .. | ||
| audit.h | ||
| av_inherit.h | ||
| av_perm_to_string.h | ||
| av_permissions.h | ||
| avc.h | ||
| avc_ss.h | ||
| class_to_string.h | ||
| common_perm_to_string.h | ||
| conditional.h | ||
| flask.h | ||
| initial_sid_to_string.h | ||
| netif.h | ||
| netlabel.h | ||
| netnode.h | ||
| netport.h | ||
| objsec.h | ||
| security.h | ||
| xfrm.h | ||