On 01/03/2013 11:28 AM, Ondrej Oprala wrote:
Hi, I'd like to propose a patch based on this bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=806055 . Since it doesn't add any new functionality or fix incorrect behaviour, I assume there's no need for another test or a NEWS entry.
This makes sense. It might be worth a news entry, especially if you quantified the perf benefit. The code looks a bit fishy, mixing security_context_t and char*. I've seen other SELinux code do that, so I guess it's OK. I did notice the selinux_file_context_cmp() call, but that has the additional functionality of ignoring the "insignificant" user component, but I don't think we want that. It's a bit strange that this caching is not done within libselinux, since getfscreatecon() is provided. thanks, Pádraig.
