[PATCH] audit inode patch

Previously, we were gathering the context instead of the sid. Now in this patch, we gather just the sid and convert to context only if an audit event is being output. This patch brings the performance hit from 146% down to 23% Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
author: Steve Grubb <sgrubb@redhat.com> 2006-04-03 14:06:13 -0400
committer: Al Viro <viro@zeniv.linux.org.uk> 2006-05-01 06:09:53 -0400
commit: 1b50eed9cac0e8e5e4d3a522d8aa267f7f8f8acb (patch)
tree: c66a1c3be846e34f1aac5db640b7ccb8770e8a80 /security
parent: 3dc7e3153eddfcf7ba8b50628775ba516e5f759f (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/security/selinux/exports.c b/security/selinux/exports.c
index 333c4c7824d..07ddce7bf37 100644
--- a/security/selinux/exports.c
+++ b/security/selinux/exports.c
@@ -14,6 +14,7 @@
 #include <linux/kernel.h>
 #include <linux/module.h>
 #include <linux/selinux.h>
+#include <linux/fs.h>
 
 #include "security.h"
 #include "objsec.h"
@@ -26,3 +27,26 @@ void selinux_task_ctxid(struct task_struct *tsk, u32 *ctxid)
 	else
 		*ctxid = 0;
 }
+
+int selinux_ctxid_to_string(u32 ctxid, char **ctx, u32 *ctxlen)
+{
+	if (selinux_enabled)
+		return security_sid_to_context(ctxid, ctx, ctxlen);
+	else {
+		*ctx = NULL;
+		*ctxlen = 0;
+	}
+
+	return 0;
+}
+
+void selinux_get_inode_sid(const struct inode *inode, u32 *sid)
+{
+	if (selinux_enabled) {
+		struct inode_security_struct *isec = inode->i_security;
+		*sid = isec->sid;
+		return;
+	}
+	*sid = 0;
+}
+
author	Steve Grubb <sgrubb@redhat.com>	2006-04-03 14:06:13 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	2006-05-01 06:09:53 -0400
commit	1b50eed9cac0e8e5e4d3a522d8aa267f7f8f8acb (patch)
tree	c66a1c3be846e34f1aac5db640b7ccb8770e8a80 /security
parent	3dc7e3153eddfcf7ba8b50628775ba516e5f759f (diff)