Dump in the SELinux debug configuration the statistics for the conditional rules avtab, the role transition, and class and common permission hash tables. Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> --- security/selinux/ss/conditional.c | 3 +++ security/selinux/ss/policydb.c | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index 81ff676f209a..0dd17fe76286 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c @@ -171,6 +171,9 @@ int cond_init_bool_indexes(struct policydb *p) GFP_KERNEL); if (!p->bool_val_to_struct) return -ENOMEM; + + avtab_hash_eval(&p->te_cond_avtab, "conditional_rules"); + return 0; } diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index 84f02d4f8093..932e383bcad6 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -1158,6 +1158,8 @@ static int common_read(struct policydb *p, struct symtab *s, void *fp) goto bad; } + hash_eval(&comdatum->permissions.table, "common_permissions"); + rc = symtab_insert(s, key, comdatum); if (rc) goto bad; @@ -1339,6 +1341,8 @@ static int class_read(struct policydb *p, struct symtab *s, void *fp) goto bad; } + hash_eval(&cladatum->permissions.table, "class_permissions"); + rc = read_cons_helper(p, &cladatum->constraints, ncons, 0, fp); if (rc) goto bad; @@ -2616,6 +2620,8 @@ int policydb_read(struct policydb *p, void *fp) rtd = NULL; } + hash_eval(&p->role_tr, "roletr"); + rc = next_entry(buf, fp, sizeof(u32)); if (rc) goto bad; -- 2.40.1
