[GIT PULL] Smack patches for v5.10
Casey Schaufler
casey at schaufler-ca.com
Mon Oct 12 18:13:01 UTC 2020
Hello Linus
Here are two minor fixes and one performance enhancement to Smack
for the v5.10 release. The netlabel cache changes have been in linux-next
for several weeks. The performance improvement is significant and the
new code is more like its counterpart in SELinux.
--
The following changes since commit d012a7190fc1fd72ed48911e77ca97ba4521bccd:
Linux 5.9-rc2 (2020-08-23 14:08:43 -0700)
are available in the Git repository at:
https://github.com/cschaufler/smack-next tags/Smack-for-5.10
for you to fetch changes up to edd615371b668404d06699c04f5f90c4f438814a:
Smack: Remove unnecessary variable initialization (2020-10-05 14:20:51 -0700)
----------------------------------------------------------------
Smack LSM changes for Linux 5.10
Two kernel test robot suggested clean-ups.
Teach Smack to use the IPv4 netlabel cache.
This results in a 12-14% improvement on TCP benchmarks.
----------------------------------------------------------------
Casey Schaufler (5):
Smack: Consolidate uses of secmark into a function
Smack: Set socket labels only once
Smack: Use the netlabel cache
Smack: Fix build when NETWORK_SECMARK is not set
Smack: Remove unnecessary variable initialization
security/smack/smack.h | 19 +---
security/smack/smack_access.c | 55 ++++++---
security/smack/smack_lsm.c | 252 +++++++++++++++++++++++++-----------------
security/smack/smackfs.c | 23 ++--
4 files changed, 200 insertions(+), 149 deletions(-)
More information about the Linux-security-module-archive
mailing list