Package: ima-evm-utils
Version: 1.1-1+b1
Severity: normal
Tags: patch
If you run "evmctl -r sign --rsa --hashalgo sha256 /usr" or a similar big
subtree it will take a large amount of time due to running blkid once for
each file.
The following patch caches the last check. It is not as optimised as it
might be (it caches the output of blkid not the output of the function) but
the aim is to avoid the most expensive operation (fork/exec). In a test on
a subtree with 6519 files the time taken to run evmctl -r sign went from
164 seconds to 24 seconds.
Index: ima-evm-utils-1.1/src/evmctl.c
===================================================================
--- ima-evm-utils-1.1.orig/src/evmctl.c
+++ ima-evm-utils-1.1/src/evmctl.c
@@ -285,6 +285,8 @@ static int get_uuid(struct stat *st, cha
char path[PATH_MAX], _uuid[37];
FILE *fp;
size_t len;
+ static unsigned last_minor = 0, last_major = 0;
+ static char *last_uuid[37];
if (uuid_str)
return pack_uuid(uuid_str, uuid);
@@ -293,6 +295,11 @@ static int get_uuid(struct stat *st, cha
major = (dev & 0xfff00) >> 8;
minor = (dev & 0xff) | ((dev >> 12) & 0xfff00);
+ if(last_minor == minor && last_major == major)
+ {
+ return pack_uuid(last_uuid, uuid);
+ }
+
log_debug("dev: %u:%u\n", major, minor);
sprintf(path, "blkid -s UUID -o value /dev/block/%u:%u", major, minor);
@@ -305,6 +312,9 @@ static int get_uuid(struct stat *st, cha
if (len != sizeof(_uuid))
goto err;
+ last_major = major;
+ last_minor = minor;
+ memcpy(last_uuid, _uuid, sizeof(_uuid));
return pack_uuid(_uuid, uuid);
err:
log_err("Failed to read UUID. Root access might require.\n");
