• Ondrej Mosnacek's avatar
    selinux: reduce the use of hard-coded hash sizes · e0ac568d
    Ondrej Mosnacek authored
    Instead allocate hash tables with just the right size based on the
    actual number of elements (which is almost always known beforehand, we
    just need to defer the hashtab allocation to the right time). The only
    case when we don't know the size (with the current policy format) is the
    new filename transitions hashtable. Here I just left the existing value.
    
    After this patch, the time to load Fedora policy on x86_64 decreases
    from 790 ms to 167 ms. If the unconfined module is removed, it decreases
    from 750 ms to 122 ms. It is also likely that other operations are going
    to be faster, mainly string_to_context_struct() or mls_compute_sid(),
    but I didn't try to quantify that.
    
    The memory usage of all hash table arrays increases from ~58 KB to
    ~163 KB (with Fedora policy on x86_64).
    Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
    Acked-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
    Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
    e0ac568d
policydb.h 9.95 KB