Commit:     9dc9978084ea2a96b9f42752753d9e38a9f9d7b2
Parent:     e47c8fc582a2c9f3cba059e543c4a056cd6bf8c4
Author:     Eric Paris <[EMAIL PROTECTED]>
AuthorDate: Mon Jun 4 17:41:22 2007 -0400
Committer:  James Morris <[EMAIL PROTECTED]>
CommitDate: Wed Jul 11 22:52:23 2007 -0400

    selinux: introduce schedule points in policydb_destroy()
    During the LSPP testing we found that it was possible for
    policydb_destroy() to take 10+ seconds of kernel time to complete.
    Basically all policydb_destroy() does is walk some (possibly long) lists
    and free the memory it finds.  Turning off slab debugging config options
    made the problem go away since the actual functions which took most of
    the time were (as seen by oprofile)
    > 121202   23.9879  .check_poison_obj
    > 78247    15.4864  .check_slabp
    were caused by that.  So I decided to also add some voluntary schedule
    points in that code so config voluntary preempt would be enough to solve
    the problem.  Something similar was done in places like
    shmem_free_pages() when we have to walk a list of memory and free it.
    This was tested by the LSPP group on the hardware which could reproduce
    the problem just loading a new policy and was found to not trigger the
    softlock detector.  It takes just as much processing time, but the
    kernel doesn't spend all that time stuck doing one thing and never
    Someday a better way to handle memory might make the time needed in this
    function a lot less, but this fixes the current issue as it stands
    Signed-off-by: Eric Paris <[EMAIL PROTECTED]>
    Signed-off-by: James Morris <[EMAIL PROTECTED]>
 security/selinux/ss/policydb.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 0ac1021..f05f97a 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -21,6 +21,7 @@
 #include <linux/kernel.h>
+#include <linux/sched.h>
 #include <linux/slab.h>
 #include <linux/string.h>
 #include <linux/errno.h>
@@ -598,6 +599,7 @@ void policydb_destroy(struct policydb *p)
        struct range_trans *rt, *lrt = NULL;
        for (i = 0; i < SYM_NUM; i++) {
+               cond_resched();
                hashtab_map(p->symtab[i].table, destroy_f[i], NULL);
@@ -612,6 +614,7 @@ void policydb_destroy(struct policydb *p)
        for (i = 0; i < OCON_NUM; i++) {
+               cond_resched();
                c = p->ocontexts[i];
                while (c) {
                        ctmp = c;
@@ -623,6 +626,7 @@ void policydb_destroy(struct policydb *p)
        g = p->genfs;
        while (g) {
+               cond_resched();
                c = g->head;
                while (c) {
@@ -639,18 +643,21 @@ void policydb_destroy(struct policydb *p)
        for (tr = p->role_tr; tr; tr = tr->next) {
+               cond_resched();
                ltr = tr;
        for (ra = p->role_allow; ra; ra = ra -> next) {
+               cond_resched();
                lra = ra;
        for (rt = p->range_tr; rt; rt = rt -> next) {
+               cond_resched();
                if (lrt) {
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to