lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAHC9VhSDux6oAcD1ZULOTcCp69JFY1c4Jati3odg4ROoRROp-w@mail.gmail.com>
Date:   Mon, 5 Jun 2017 17:39:46 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Junil Lee <junil0814.lee@....com>
Cc:     Stephen Smalley <sds@...ho.nsa.gov>,
        Eric Paris <eparis@...isplace.org>,
        James Morris <james.l.morris@...cle.com>, serge@...lyn.com,
        william.c.roberts@...el.com, adobriyan@...il.com,
        akpm@...ux-foundation.org, dledford@...hat.com,
        danielj@...lanox.com, mka@...omium.org, selinux@...ho.nsa.gov,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] security: selinux: use kmem_cache for ebitmap

On Mon, Jun 5, 2017 at 5:10 AM, Junil Lee <junil0814.lee@....com> wrote:
> The allocated size for each ebitmap_node is 192byte by kzalloc().
> Then, ebitmap_node size is fixed, so it's possible to use only 144byte
> for each object by kmem_cache_zalloc().
> It can reduce some dynamic allocation size.
>
> Signed-off-by: Junil Lee <junil0814.lee@....com>
> ---
>  security/selinux/ss/ebitmap.c  | 24 +++++++++++++++++++-----
>  security/selinux/ss/ebitmap.h  |  3 +++
>  security/selinux/ss/services.c |  4 ++++
>  3 files changed, 26 insertions(+), 5 deletions(-)
>
> diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
> index 9db4709a..076c96f 100644
> --- a/security/selinux/ss/ebitmap.c
> +++ b/security/selinux/ss/ebitmap.c
> @@ -24,6 +24,8 @@
>
>  #define BITS_PER_U64   (sizeof(u64) * 8)
>
> +static struct kmem_cache *ebitmap_node_cachep;
> +
>  int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2)
>  {
>         struct ebitmap_node *n1, *n2;
> @@ -54,7 +56,7 @@ int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src)
>         n = src->node;
>         prev = NULL;
>         while (n) {
> -               new = kzalloc(sizeof(*new), GFP_ATOMIC);
> +               new = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
>                 if (!new) {
>                         ebitmap_destroy(dst);
>                         return -ENOMEM;
> @@ -162,7 +164,7 @@ int ebitmap_netlbl_import(struct ebitmap *ebmap,
>                 if (e_iter == NULL ||
>                     offset >= e_iter->startbit + EBITMAP_SIZE) {
>                         e_prev = e_iter;
> -                       e_iter = kzalloc(sizeof(*e_iter), GFP_ATOMIC);
> +                       e_iter = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
>                         if (e_iter == NULL)
>                                 goto netlbl_import_failure;
>                         e_iter->startbit = offset - (offset % EBITMAP_SIZE);
> @@ -299,7 +301,7 @@ int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value)
>         if (!value)
>                 return 0;
>
> -       new = kzalloc(sizeof(*new), GFP_ATOMIC);
> +       new = kmem_cache_zalloc(ebitmap_node_cachep, GFP_ATOMIC);
>         if (!new)
>                 return -ENOMEM;

I believe there is a kfree() in ebitmap_set_bit() that also needs to
be converted.

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ