Re: [PATCH 5/6] selinux: improve role transition hashing

From: Paul Moore
Date: Wed Sep 13 2023 - 13:47:11 EST

Next message: Mathieu Poirier: "Re: [PATCH v17 00/14] Add support for MT8195 SCP 2nd core"
Previous message: Paul Moore: "Re: [PATCH 4/6] selinux: simplify avtab slot calculation"
In reply to: Stephen Smalley: "Re: [PATCH 5/6] selinux: improve role transition hashing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Aug 18, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@xxxxxxxxxxxxxx> wrote:
>
> The number of buckets is calculated by performing a binary AND against
> the mask of the hash table, which is one less than its size (which is a
> power of two). This leads to all top bits being discarded, e.g. with
> the Reference Policy on Debian there exists 376 entries, leading to a
> size of 512, discarding the top 23 bits.
>
> Use jhash to improve the hash table utilization:
>
> # current
> roletr: 376 entries and 124/512 buckets used, longest chain length 8, sum of chain length^2 1496
>
> # patch
> roletr: 376 entries and 266/512 buckets used, longest chain length 4, sum of chain length^2 646
>
> Signed-off-by: Christian GÃ¶ttsche <cgzones@xxxxxxxxxxxxxx>
> Reviewed-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
> ---
> security/selinux/ss/policydb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

Merged into selinux/next, thanks.

--
paul-moore.com

Next message: Mathieu Poirier: "Re: [PATCH v17 00/14] Add support for MT8195 SCP 2nd core"
Previous message: Paul Moore: "Re: [PATCH 4/6] selinux: simplify avtab slot calculation"
In reply to: Stephen Smalley: "Re: [PATCH 5/6] selinux: improve role transition hashing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]