github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
999765145e
linux/security
History
Jeff Vander Stoep 999765145e UPSTREAM: selinux: sidtab reverse lookup hash table 
This replaces the reverse table lookup and reverse cache with a
hashtable which improves cache-miss reverse-lookup times from
O(n) to O(1)* and maintains the same performance as a reverse
cache hit.

This reduces the time needed to add a new sidtab entry from ~500us
to 5us on a Pixel 3 when there are ~10,000 sidtab entries.

The implementation uses the kernel's generic hashtable API,
It uses the context's string represtation as the hash source,
and the kernels generic string hashing algorithm full_name_hash()
to reduce the string to a 32 bit value.

This change also maintains the improvement introduced in
commit ee1a84fdfe ("selinux: overhaul sidtab to fix bug and improve
performance") which removed the need to keep the current sidtab
locked during policy reload. It does however introduce periodic
locking of the target sidtab while converting the hashtable. Sidtab
entries are never modified or removed, so the context struct stored
in the sid_to_context tree can also be used for the context_to_sid
hashtable to reduce memory usage.

This bug was reported by:
- On the selinux bug tracker.
  BUG: kernel softlockup due to too many SIDs/contexts #37
  https://github.com/SELinuxProject/selinux-kernel/issues/37
- Jovana Knezevic on Android's bugtracker.
  Bug: 140252993
  "During multi-user performance testing, we create and remove users
  many times. selinux_android_restorecon_pkgdir goes from 1ms to over
  20ms after about 200 user creations and removals. Accumulated over
  ~280 packages, that adds a significant time to user creation,
  making perf benchmarks unreliable."

* Hashtable lookup is only O(1) when n < the number of buckets.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Reported-by: Stephen Smalley <sds@tycho.nsa.gov>
Reported-by: Jovana Knezevic <jovanak@google.com>
Reviewed-by: Stephen Smalley <sds@tycho.nsa.gov>
Tested-by: Stephen Smalley <sds@tycho.nsa.gov>
[PM: subj tweak, removed changelog from patch description]
Signed-off-by: Paul Moore <paul@paul-moore.com>

(cherry picked from commit 66f8e2f03c)
Bug: 140252993
Change-Id: Iead2a1d90731ae24fefec2a40af5ffdc457ac916
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
2020-01-08 22:21:35 +00:00
..
apparmor apparmor: fix unsigned len comparison with less than zero 2020-01-04 19:13:08 +01:00
integrity ima: fix freeing ongoing ahash_request 2019-10-11 18:21:11 +02:00
keys keys: Fix missing null pointer check in request_key_auth_describe() 2019-09-21 07:17:13 +02:00
loadpin module: replace the existing LSM hook in init_module 2018-07-16 12:31:57 -07:00
selinux UPSTREAM: selinux: sidtab reverse lookup hash table 2020-01-08 22:21:35 +00:00
smack smack: use GFP_NOFS while holding inode_smack::smk_lock 2019-10-07 18:57:27 +02:00
tomoyo Kbuild updates for v4.19 2018-08-15 12:09:03 -07:00
yama Yama: Check for pid death before checking ancestry 2019-01-22 21:40:32 +01:00
commoncap.c cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() 2018-08-11 02:05:53 -05:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-04-27 09:36:40 +02:00
inode.c This is the 4.19.46 stable release 2019-05-25 19:09:59 +02:00
Kconfig BACKPORT: security: Create "kernel hardening" config area 2019-06-17 19:26:08 +00:00
Kconfig.hardening ANDROID: Fix allmodconfig build with CC=clang 2019-11-14 10:56:08 -08:00
lsm_audit.c missing barriers in some of unix_sock ->addr and ->path accesses 2019-03-19 13:12:41 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c BACKPORT: perf_event: Add support for LSM and SELinux checks 2020-01-07 22:30:02 +00:00