Jim Meyering wrote on 02/09/2012 03:17 PM:
Pádraig Brady wrote:
On 02/09/2012 11:32 AM, Jim Meyering wrote:
Technically, we could probably exempt all files on that device, but
...
So you avoid symlinks as they can point outside the device.
Unfortunately so can bind mounts, so you probably have to key on device?
Thanks. That confirms my impression that my patch was not worthwhile:
It was buggy, too.
I suppose we could use a little hash table, whose entries are
<dev_t device_number, bool getfilecon_required> pairs.
Or even a single static dev_t selinux_challenged_device,
that if equal to f->stat.st_dev, we can skip the *getfilecon call.
That should be good enough for most uses.
Here's that simpler patch:
diff --git a/src/ls.c b/src/ls.c
index f5cd37a..cb9f834 100644
[...]
Just tried it out and the difference is very significant, as expected.
(Test case with 61,441 files in a directory.)
Current git version without the patch...
$ time ~/tmp/ls-8.15.34-31eee -l >/dev/null
real 0m31.135s
user 0m0.859s
sys 0m4.276s
$ strace -c ~/tmp/ls-8.15.34-31eee -l >/dev/null
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
31.13 0.303648 5 61441 lstat
30.81 0.300585 5 61441 61441 getxattr
30.65 0.298937 5 61441 lgetxattr
7.17 0.069987 933 75 getdents
[...]
Current git version patched...
$ time ~/tmp/ls-8.15.34-31eee_patched -l >/dev/null
real 0m21.254s
user 0m0.565s
sys 0m2.496s
$ strace -c ~/tmp/ls-8.15.34-31eee_patched -l >/dev/null
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
45.50 0.313386 5 61441 lstat
43.63 0.300524 5 61441 61441 getxattr
10.60 0.072986 973 75 getdents
[...]
Thanks!
Sven
