Piteball/android_kernel_samsung_msm8976
1
1
Fork 0
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git synced 2024-11-01 10:33:27 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/security/selinux
History
Eric Paris 03a4c0182a SELinux: skip filename trans rules if ttype does not match parent dir 
Right now we walk to filename trans rule list for every inode that is
created.  First passes at policy using this facility creates around 5000
filename trans rules.  Running a list of 5000 entries every time is a bad
idea.  This patch adds a new ebitmap to policy which has a bit set for each
ttype that has at least 1 filename trans rule.  Thus when an inode is
created we can quickly determine if any rules exist for this parent
directory type and can skip the list if we know there is definitely no
relevant entry.

Signed-off-by: Eric Paris <eparis@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
2011-04-28 15:15:52 -04:00
..
include SELINUX: Make selinux cache VFS RCU walks safe 2011-04-25 16:24:41 -04:00
ss SELinux: skip filename trans rules if ttype does not match parent dir 2011-04-28 15:15:52 -04:00
.gitignore
avc.c LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODE 2011-04-25 18:13:15 -04:00
exports.c
hooks.c LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH 2011-04-25 18:14:07 -04:00
Kconfig
Makefile
netif.c
netlabel.c
netlink.c
netnode.c SELinux: silence build warning when !CONFIG_BUG 2011-04-25 10:18:27 -04:00
netport.c
nlmsgtab.c SELinux: define permissions for DCB netlink messages 2010-12-16 12:50:17 -05:00
selinuxfs.c selinux: add type_transition with name extension support for selinuxfs 2011-04-01 17:13:23 -04:00
xfrm.c selinux: Fix check for xfrm selinux context algorithm 2011-02-25 15:00:44 -05:00