|
 |
71cd55 |
From 36e494573d7071f9b56670b4777ed14637025d9e Mon Sep 17 00:00:00 2001
|
|
|
71cd55 |
From: James Carter <jwcart2@gmail.com>
|
|
|
71cd55 |
Date: Mon, 21 Jun 2021 10:56:49 -0400
|
|
|
71cd55 |
Subject: [PATCH] libsepol/cil: Reduce the initial symtab sizes for blocks
|
|
|
71cd55 |
|
|
|
71cd55 |
It is possible to create bad behaving policy that can consume all
|
|
|
71cd55 |
of a system's memory (one way is through the use of inheritance).
|
|
|
71cd55 |
Analyzing these policies shows that most of the memory usage is for
|
|
|
71cd55 |
the block symtabs.
|
|
|
71cd55 |
|
|
|
71cd55 |
Most of the nineteen symtabs will most likely never be used, so give
|
|
|
71cd55 |
these symtabs an initial size of 1. The others are given more
|
|
|
71cd55 |
appropriate sizes.
|
|
|
71cd55 |
|
|
|
71cd55 |
Signed-off-by: James Carter <jwcart2@gmail.com>
|
|
|
71cd55 |
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
|
|
|
71cd55 |
---
|
|
|
71cd55 |
libsepol/cil/src/cil.c | 2 +-
|
|
|
71cd55 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
71cd55 |
|
|
|
71cd55 |
diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c
|
|
|
71cd55 |
index 671b5ec6e183..9d5038d91add 100644
|
|
|
71cd55 |
--- a/libsepol/cil/src/cil.c
|
|
|
71cd55 |
+++ b/libsepol/cil/src/cil.c
|
|
|
71cd55 |
@@ -54,7 +54,7 @@
|
|
|
71cd55 |
|
|
|
71cd55 |
int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
|
|
|
71cd55 |
{64, 64, 64, 1 << 13, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64},
|
|
|
71cd55 |
- {64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64},
|
|
|
71cd55 |
+ {8, 8, 8, 32, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
|
|
|
71cd55 |
{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
|
|
|
71cd55 |
{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1},
|
|
|
71cd55 |
{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
|
|
|
71cd55 |
--
|
|
|
71cd55 |
2.32.0
|
|
|
71cd55 |
|