1818890 – RFE: Backport libsepol performance improvements

Bug 1818890 - RFE: Backport libsepol performance improvements

Summary: RFE: Backport libsepol performance improvements

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	libsepol
Sub Component:
Version:	32
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Petr Lautrbach
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-03-30 15:55 UTC by Ondrej Mosnacek
Modified:	2020-08-04 01:20 UTC (History)
CC List:	5 users (show)
Fixed In Version:	libsepol-3.0-4.fc32
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-08-04 01:20:46 UTC
Type:	Enhancement
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Ondrej Mosnacek 2020-03-30 15:55:57 UTC

Please backport the following upstream libsepol commits to Rawhide and F32:

a60343ca libsepol/cil: remove unnecessary hash tables
542e8786 libsepol: cache ebitmap cardinality value [*]
ee4b20ca libsepol: grow hashtab dynamically
6968ea97 libsepol: make ebitmap_cardinality() of linear complexity
9fe58752 Revert "libsepol: cache ebitmap cardinality value" [*]
692716fc libsepol/cil: raise default attrs_expand_size to 2
cc0425f3 libsepol: skip unnecessary check in build_type_map()
df2a9f40 libsepol: optimize inner loop in build_type_map()
9d291802 libsepol: speed up policy optimization

Together, they significantly reduce the runtime of SELinux policy rebuild (semodule -B/-i/-r/-e/-d/...), which is run at various SELinux package installations/upgrades or when loading/unloading a custom policy module. This will improve the user experience of SELinux a bit, thanks to the reduced wait times of these common operations.

Thanks!

[*] These cancel each other out, but without them there would be a merge conflict.

Comment 1 Ondrej Mosnacek 2020-07-03 11:43:15 UTC

PR: https://src.fedoraproject.org/rpms/libsepol/pull-request/13

NB: I dropped 692716fc ("libsepol/cil: raise default attrs_expand_size to 2"), because it caused issues with semanage and has been since reverted upstream:
https://github.com/SELinuxProject/selinux/commit/c2c2dc610c995fc4caab6c98c03e13727476136e

Comment 2 Ondrej Mosnacek 2020-07-03 13:39:49 UTC

New PR against the right repo:
https://github.com/fedora-selinux/selinux/pull/60

Comment 3 Petr Lautrbach 2020-07-13 08:33:19 UTC

Applied and built in Rawhide - https://koji.fedoraproject.org/koji/buildinfo?buildID=1541113

Comment 4 Petr Lautrbach 2020-07-27 12:21:48 UTC

https://src.fedoraproject.org/rpms/libsepol/pull-request/16

Comment 5 Fedora Update System 2020-07-27 20:44:54 UTC

FEDORA-2020-15e8acc3b2 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-15e8acc3b2

Comment 6 Fedora Update System 2020-07-28 15:20:20 UTC

FEDORA-2020-15e8acc3b2 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-15e8acc3b2`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-15e8acc3b2

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 7 Fedora Update System 2020-08-04 01:20:46 UTC

FEDORA-2020-15e8acc3b2 has been pushed to the Fedora 32 stable repository.
If problem still persists, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.