[apparmor] [RFC][PATCH] APPARMOR: add sid to profile mapping andsid recycling
Seth Arnold
seth.arnold at gmail.com
Fri Nov 19 06:56:50 GMT 2010
+/* find the first zero bit in the sid_bitmap array */
+spin_lock(&aa_sid_hash_table->lock);
+for (i = 0; i < AA_SID_BITMAP_SIZE; i++) {
+for (j = 0; j < 32; j++) {
+if (!(sid_bitmap[i] & (1 << j))) {
+/* convert offset to sid */
+sid = i * 32 + j;
+spin_unlock(&aa_sid_hash_table->lock);
+return sid;
+}
+}
+}
(Please forgive rubbish formatting, blackberry's text editor isn't great.)
Should there be a check in the outer loop to see if any part of the word may be zero? Checking words one bit at a time sounds expensive (1024 comparisons vs 64 comparisons if the first non-zero bit is the last bit in the table; 512 vs 48 for a bit in the middle). Or is this code fast enough as-is while a spinlock is held?
Thanks
More information about the AppArmor
mailing list