Re: [PATCH] security: selinux: use kmem_cache for ebitmap

From: Paul Moore
Date: Mon Jun 05 2017 - 17:39:57 EST

Next message: Luis R. Rodriguez: "[PATCH v9 4/5] firmware: document the extensible driver data API"
Previous message: Luis R. Rodriguez: "[PATCH v9 0/5] firmware: add driver data API"
In reply to: Junil Lee: "[PATCH] security: selinux: use kmem_cache for ebitmap"
Next in thread: Paul Moore: "Re: [PATCH] security: selinux: use kmem_cache for ebitmap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jun 5, 2017 at 5:10 AM, Junil Lee <junil0814.lee@xxxxxxx> wrote:
> The allocated size for each ebitmap_node is 192byte by kzalloc().
> Then, ebitmap_node size is fixed, so it's possible to use only 144byte
> for each object by kmem_cache_zalloc().
> It can reduce some dynamic allocation size.
>
> Signed-off-by: Junil Lee <junil0814.lee@xxxxxxx>
> ---
> security/selinux/ss/ebitmap.c | 24 +++++++++++++++++++-----
> security/selinux/ss/ebitmap.h | 3 +++
> security/selinux/ss/services.c | 4 ++++
> 3 files changed, 26 insertions(+), 5 deletions(-)
>
> diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
> index 9db4709a..076c96f 100644
> --- a/security/selinux/ss/ebitmap.c
> +++ b/security/selinux/ss/ebitmap.c
> @@ -24,6 +24,8 @@
>
> #define BITS_PER_U64 (sizeof(u64) * 8)
>
> +static struct kmem_cache *ebitmap_node_cachep;
> +
> int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2)
> {
> struct ebitmap_node *n1, *n2;
> @@ -54,7 +56,7 @@ int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src)
> n = src->node;
> prev = NULL;
> while (n) {
> - new = kzalloc(sizeof(*new), GFP_ATOMIC);
> + new = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
> if (!new) {
> ebitmap_destroy(dst);
> return -ENOMEM;
> @@ -162,7 +164,7 @@ int ebitmap_netlbl_import(struct ebitmap *ebmap,
> if (e_iter == NULL ||
> offset >= e_iter->startbit + EBITMAP_SIZE) {
> e_prev = e_iter;
> - e_iter = kzalloc(sizeof(*e_iter), GFP_ATOMIC);
> + e_iter = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
> if (e_iter == NULL)
> goto netlbl_import_failure;
> e_iter->startbit = offset - (offset % EBITMAP_SIZE);
> @@ -299,7 +301,7 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value)
> if (!value)
> return 0;
>
> - new = kzalloc(sizeof(*new), GFP_ATOMIC);
> + new = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
> if (!new)
> return -ENOMEM;

I believe there is a kfree() in ebitmap_set_bit() that also needs to
be converted.

--
paul moore
www.paul-moore.com

Next message: Luis R. Rodriguez: "[PATCH v9 4/5] firmware: document the extensible driver data API"
Previous message: Luis R. Rodriguez: "[PATCH v9 0/5] firmware: add driver data API"
In reply to: Junil Lee: "[PATCH] security: selinux: use kmem_cache for ebitmap"
Next in thread: Paul Moore: "Re: [PATCH] security: selinux: use kmem_cache for ebitmap"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]