On Wed, 8 Jan 2025 at 04:00, Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > On Dec 16, 2024 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgoettsche@xxxxxxxxxxxxx> wrote: > > > > Some symbol tables need to be validated after indexing, since during > > indexing their referenced entries might not yet have been indexed. > > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > --- > > security/selinux/ss/policydb.c | 94 ++++++++++++++++++++++++++++++++++ > > 1 file changed, 94 insertions(+) > > Out of curiosity, have you measured the policy load times before and > after this patchset? I'd like to understand the performance impact of > the additional checks and validations. A trivial benchmark of load_policy(8) inside a virtme-ng environment showed a slight increase from 82,7ms to 82.9ms. I'll try some more benchmarks for v3. > -- > paul-moore.com
