forked from Minki/linux
9fe79ad1e4
* We add ebitmap_for_each_positive_bit() which enables to walk on any positive bit on the given ebitmap, to improve its performance using common bit-operations defined in linux/bitops.h. In the previous version, this logic was implemented using a combination of ebitmap_for_each_bit() and ebitmap_node_get_bit(), but is was worse in performance aspect. This logic is most frequestly used to compute a new AVC entry, so this patch can improve SELinux performance when AVC misses are happen. * struct ebitmap_node is redefined as an array of "unsigned long", to get suitable for using find_next_bit() which is fasted than iteration of shift and logical operation, and to maximize memory usage allocated from general purpose slab. * Any ebitmap_for_each_bit() are repleced by the new implementation in ss/service.c and ss/mls.c. Some of related implementation are changed, however, there is no incompatibility with the previous version. * The width of any new line are less or equal than 80-chars. The following benchmark shows the effect of this patch, when we access many files which have different security context one after another. The number is more than /selinux/avc/cache_threshold, so any access always causes AVC misses. selinux-2.6 selinux-2.6-ebitmap AVG: 22.763 [s] 8.750 [s] STD: 0.265 0.019 ------------------------------------------ 1st: 22.558 [s] 8.786 [s] 2nd: 22.458 [s] 8.750 [s] 3rd: 22.478 [s] 8.754 [s] 4th: 22.724 [s] 8.745 [s] 5th: 22.918 [s] 8.748 [s] 6th: 22.905 [s] 8.764 [s] 7th: 23.238 [s] 8.726 [s] 8th: 22.822 [s] 8.729 [s] Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
144 lines
4.0 KiB
C
144 lines
4.0 KiB
C
/*
|
|
* An extensible bitmap is a bitmap that supports an
|
|
* arbitrary number of bits. Extensible bitmaps are
|
|
* used to represent sets of values, such as types,
|
|
* roles, categories, and classes.
|
|
*
|
|
* Each extensible bitmap is implemented as a linked
|
|
* list of bitmap nodes, where each bitmap node has
|
|
* an explicitly specified starting bit position within
|
|
* the total bitmap.
|
|
*
|
|
* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
|
|
*/
|
|
#ifndef _SS_EBITMAP_H_
|
|
#define _SS_EBITMAP_H_
|
|
|
|
#include <net/netlabel.h>
|
|
|
|
#define EBITMAP_UNIT_NUMS ((32 - sizeof(void *) - sizeof(u32)) \
|
|
/ sizeof(unsigned long))
|
|
#define EBITMAP_UNIT_SIZE BITS_PER_LONG
|
|
#define EBITMAP_SIZE (EBITMAP_UNIT_NUMS * EBITMAP_UNIT_SIZE)
|
|
#define EBITMAP_BIT 1ULL
|
|
|
|
struct ebitmap_node {
|
|
struct ebitmap_node *next;
|
|
unsigned long maps[EBITMAP_UNIT_NUMS];
|
|
u32 startbit;
|
|
};
|
|
|
|
struct ebitmap {
|
|
struct ebitmap_node *node; /* first node in the bitmap */
|
|
u32 highbit; /* highest position in the total bitmap */
|
|
};
|
|
|
|
#define ebitmap_length(e) ((e)->highbit)
|
|
#define ebitmap_startbit(e) ((e)->node ? (e)->node->startbit : 0)
|
|
|
|
static inline unsigned int ebitmap_start_positive(struct ebitmap *e,
|
|
struct ebitmap_node **n)
|
|
{
|
|
unsigned int ofs;
|
|
|
|
for (*n = e->node; *n; *n = (*n)->next) {
|
|
ofs = find_first_bit((*n)->maps, EBITMAP_SIZE);
|
|
if (ofs < EBITMAP_SIZE)
|
|
return (*n)->startbit + ofs;
|
|
}
|
|
return ebitmap_length(e);
|
|
}
|
|
|
|
static inline void ebitmap_init(struct ebitmap *e)
|
|
{
|
|
memset(e, 0, sizeof(*e));
|
|
}
|
|
|
|
static inline unsigned int ebitmap_next_positive(struct ebitmap *e,
|
|
struct ebitmap_node **n,
|
|
unsigned int bit)
|
|
{
|
|
unsigned int ofs;
|
|
|
|
ofs = find_next_bit((*n)->maps, EBITMAP_SIZE, bit - (*n)->startbit + 1);
|
|
if (ofs < EBITMAP_SIZE)
|
|
return ofs + (*n)->startbit;
|
|
|
|
for (*n = (*n)->next; *n; *n = (*n)->next) {
|
|
ofs = find_first_bit((*n)->maps, EBITMAP_SIZE);
|
|
if (ofs < EBITMAP_SIZE)
|
|
return ofs + (*n)->startbit;
|
|
}
|
|
return ebitmap_length(e);
|
|
}
|
|
|
|
#define EBITMAP_NODE_INDEX(node, bit) \
|
|
(((bit) - (node)->startbit) / EBITMAP_UNIT_SIZE)
|
|
#define EBITMAP_NODE_OFFSET(node, bit) \
|
|
(((bit) - (node)->startbit) % EBITMAP_UNIT_SIZE)
|
|
|
|
static inline int ebitmap_node_get_bit(struct ebitmap_node *n,
|
|
unsigned int bit)
|
|
{
|
|
unsigned int index = EBITMAP_NODE_INDEX(n, bit);
|
|
unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit);
|
|
|
|
BUG_ON(index >= EBITMAP_UNIT_NUMS);
|
|
if ((n->maps[index] & (EBITMAP_BIT << ofs)))
|
|
return 1;
|
|
return 0;
|
|
}
|
|
|
|
static inline void ebitmap_node_set_bit(struct ebitmap_node *n,
|
|
unsigned int bit)
|
|
{
|
|
unsigned int index = EBITMAP_NODE_INDEX(n, bit);
|
|
unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit);
|
|
|
|
BUG_ON(index >= EBITMAP_UNIT_NUMS);
|
|
n->maps[index] |= (EBITMAP_BIT << ofs);
|
|
}
|
|
|
|
static inline void ebitmap_node_clr_bit(struct ebitmap_node *n,
|
|
unsigned int bit)
|
|
{
|
|
unsigned int index = EBITMAP_NODE_INDEX(n, bit);
|
|
unsigned int ofs = EBITMAP_NODE_OFFSET(n, bit);
|
|
|
|
BUG_ON(index >= EBITMAP_UNIT_NUMS);
|
|
n->maps[index] &= ~(EBITMAP_BIT << ofs);
|
|
}
|
|
|
|
#define ebitmap_for_each_positive_bit(e, n, bit) \
|
|
for (bit = ebitmap_start_positive(e, &n); \
|
|
bit < ebitmap_length(e); \
|
|
bit = ebitmap_next_positive(e, &n, bit)) \
|
|
|
|
int ebitmap_cmp(struct ebitmap *e1, struct ebitmap *e2);
|
|
int ebitmap_cpy(struct ebitmap *dst, struct ebitmap *src);
|
|
int ebitmap_contains(struct ebitmap *e1, struct ebitmap *e2);
|
|
int ebitmap_get_bit(struct ebitmap *e, unsigned long bit);
|
|
int ebitmap_set_bit(struct ebitmap *e, unsigned long bit, int value);
|
|
void ebitmap_destroy(struct ebitmap *e);
|
|
int ebitmap_read(struct ebitmap *e, void *fp);
|
|
|
|
#ifdef CONFIG_NETLABEL
|
|
int ebitmap_netlbl_export(struct ebitmap *ebmap,
|
|
struct netlbl_lsm_secattr_catmap **catmap);
|
|
int ebitmap_netlbl_import(struct ebitmap *ebmap,
|
|
struct netlbl_lsm_secattr_catmap *catmap);
|
|
#else
|
|
static inline int ebitmap_netlbl_export(struct ebitmap *ebmap,
|
|
struct netlbl_lsm_secattr_catmap **catmap)
|
|
{
|
|
return -ENOMEM;
|
|
}
|
|
static inline int ebitmap_netlbl_import(struct ebitmap *ebmap,
|
|
struct netlbl_lsm_secattr_catmap *catmap)
|
|
{
|
|
return -ENOMEM;
|
|
}
|
|
#endif
|
|
|
|
#endif /* _SS_EBITMAP_H_ */
|