selinux: de-crapify avc cache stat code generation

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

You can turn off the avc cache stats, but distributions seem to not do
that (perhaps because several performance tuning how-to's talk about the
avc cache statistics).

Which is sad, because the code it generates is truly horrendous, with
the statistics update being sandwitched between get_cpu/put_cpu which in
turn causes preemption disables etc. We're talking ten+ instructions
just to increment a per-cpu variable in some pretty hot code.

Fix the craziness by just using 'this_cpu_inc()' instead. Suddenly we
only need a single 'inc' instruction to increment the statistics. This
is quite noticeable in the incredibly hot avc_has_perm_noaudit()
function (which triggers all the statistics by virtue of doing an
avc_lookup() call).

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Linus Torvalds 15 years ago 044aea9b 39ab05c8

+1 -5

1 changed file

expand all

security

selinux

avc.c

+1 -5

security/selinux/avc.c

··· 38 38 #define AVC_CACHE_RECLAIM 16 39 39 40 40 #ifdef CONFIG_SECURITY_SELINUX_AVC_STATS 41 - #define avc_cache_stats_incr(field) \ 42 - do { \ 43 - per_cpu(avc_cache_stats, get_cpu()).field++; \ 44 - put_cpu(); \ 45 - } while (0) 41 + #define avc_cache_stats_incr(field) this_cpu_inc(avc_cache_stats.field) 46 42 #else 47 43 #define avc_cache_stats_incr(field) do {} while (0) 48 44 #endif