f1c6381a6e
It appears there was an intention to have the security server only decide certain permissions and leave other for later as some sort of a portential performance win. We are currently always deciding all 32 bits of permissions and this is a useless couple of branches and wasted space. This patch completely drops the av.decided concept. This in a 17% reduction in the time spent in avc_has_perm_noaudit based on oprofile sampling of a tbench benchmark. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: Paul Moore <paul.moore@hp.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> |
||
---|---|---|
.. | ||
audit.h | ||
av_inherit.h | ||
av_perm_to_string.h | ||
av_permissions.h | ||
avc_ss.h | ||
avc.h | ||
class_to_string.h | ||
common_perm_to_string.h | ||
conditional.h | ||
flask.h | ||
initial_sid_to_string.h | ||
netif.h | ||
netlabel.h | ||
netnode.h | ||
netport.h | ||
objsec.h | ||
security.h | ||
xfrm.h |