[GIT PULL] Smack patches for v5.10

Casey Schaufler casey at schaufler-ca.com
Mon Oct 12 18:13:01 UTC 2020


Hello Linus

Here are two minor fixes and one performance enhancement to Smack
for the v5.10 release. The netlabel cache changes have been in linux-next
for several weeks. The performance improvement is significant and the
new code is more like its counterpart in SELinux.


--
The following changes since commit d012a7190fc1fd72ed48911e77ca97ba4521bccd:

  Linux 5.9-rc2 (2020-08-23 14:08:43 -0700)

are available in the Git repository at:

  https://github.com/cschaufler/smack-next tags/Smack-for-5.10

for you to fetch changes up to edd615371b668404d06699c04f5f90c4f438814a:

  Smack: Remove unnecessary variable initialization (2020-10-05 14:20:51 -0700)

----------------------------------------------------------------
Smack LSM changes for Linux 5.10

Two kernel test robot suggested clean-ups.
Teach Smack to use the IPv4 netlabel cache.
This results in a 12-14% improvement on TCP benchmarks.

----------------------------------------------------------------
Casey Schaufler (5):
      Smack: Consolidate uses of secmark into a function
      Smack: Set socket labels only once
      Smack: Use the netlabel cache
      Smack: Fix build when NETWORK_SECMARK is not set
      Smack: Remove unnecessary variable initialization

 security/smack/smack.h        |  19 +---
 security/smack/smack_access.c |  55 ++++++---
 security/smack/smack_lsm.c    | 252 +++++++++++++++++++++++++-----------------
 security/smack/smackfs.c      |  23 ++--
 4 files changed, 200 insertions(+), 149 deletions(-)





More information about the Linux-security-module-archive mailing list