LSM: shrink sizeof LSM specific portion of common_audit_data Linus found that the gigantic size of the common audit data caused a big perf hit on something as simple as running stat() in a loop. This patch requires LSMs to declare the LSM specific portion separately rather than doing it in a union. Thus each LSM can be responsible for shrinking their portion and don't have to pay a penalty just because other LSMs have a bigger space requirement. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: 3b3b0e4fc15efa507b902d90cea39e496a523c3b [log] [tgz]
author: Eric Paris <eparis@redhat.com> Tue Apr 03 09:37:02 2012 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> Tue Apr 03 09:48:40 2012 -0700
tree: d7b91c21ad6c6f4ac21dd51297b74eec47c61684
parent: 95694129b43165911dc4e8a972f0d39ad98d86be [diff] [blame]
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 9982c48..088dba3 100644
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c

@@ -64,11 +64,13 @@
 	struct audit_cache *ent;
 	int type = AUDIT_APPARMOR_AUTO;
 	struct common_audit_data sa;
+	struct apparmor_audit_data aad = {0,};
 	COMMON_AUDIT_DATA_INIT(&sa, CAP);
+	sa.aad = &aad;
 	sa.tsk = task;
 	sa.u.cap = cap;
-	sa.aad.op = OP_CAPABLE;
-	sa.aad.error = error;
+	sa.aad->op = OP_CAPABLE;
+	sa.aad->error = error;
 
 	if (likely(!error)) {
 		/* test if auditing is being forced */
commit	3b3b0e4fc15efa507b902d90cea39e496a523c3b	[log] [tgz]
author	Eric Paris <eparis@redhat.com>	Tue Apr 03 09:37:02 2012 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	Tue Apr 03 09:48:40 2012 -0700
tree	d7b91c21ad6c6f4ac21dd51297b74eec47c61684
parent	95694129b43165911dc4e8a972f0d39ad98d86be [diff] [blame]