diff options
author | Vit Mojzis <vmojzis@redhat.com> | 2023-01-30 18:58:28 +0100 |
---|---|---|
committer | Petr Lautrbach <lautrbach@redhat.com> | 2023-02-06 15:38:58 +0100 |
commit | d8eb8b309f7a3e11bdcf86505ed24c1d50007213 (patch) | |
tree | 6f68ebca2524c1296bf55dff32fc5daa82eb05fd | |
parent | 62d6d13f70948a143db4e2f34a8e16b5993072af (diff) | |
download | selinux-d8eb8b309f7a3e11bdcf86505ed24c1d50007213.tar.gz |
python/sepolicy: Cache conditional rule queries
Commit 7506771e4b630fe0ab853f96574e039055cb72eb
"add missing booleans to man pages" dramatically slowed down
"sepolicy manpage -a" by removing caching of setools rule query.
Re-add said caching and update the query to only return conditional
rules.
Before commit 7506771e:
#time sepolicy manpage -a
real 1m43.153s
# time sepolicy manpage -d httpd_t
real 0m4.493s
After commit 7506771e:
#time sepolicy manpage -a
real 1h56m43.153s
# time sepolicy manpage -d httpd_t
real 0m8.352s
After this commit:
#time sepolicy manpage -a
real 1m41.074s
# time sepolicy manpage -d httpd_t
real 0m7.358s
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Acked-by: James Carter <jwcart2@gmail.com>
-rw-r--r-- | python/sepolicy/sepolicy/__init__.py | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py index e2d5c11a..c177cdfc 100644 --- a/python/sepolicy/sepolicy/__init__.py +++ b/python/sepolicy/sepolicy/__init__.py @@ -125,6 +125,7 @@ all_attributes = None booleans = None booleans_dict = None all_allow_rules = None +all_bool_rules = None all_transitions = None @@ -1136,6 +1137,14 @@ def get_all_allow_rules(): all_allow_rules = search([ALLOW]) return all_allow_rules +def get_all_bool_rules(): + global all_bool_rules + if not all_bool_rules: + q = TERuleQuery(_pol, boolean=".*", boolean_regex=True, + ruletype=[ALLOW, DONTAUDIT]) + all_bool_rules = [_setools_rule_to_dict(x) for x in q.results()] + return all_bool_rules + def get_all_transitions(): global all_transitions if not all_transitions: @@ -1146,7 +1155,7 @@ def get_bools(setype): bools = [] domainbools = [] domainname, short_name = gen_short_name(setype) - for i in map(lambda x: x['booleans'], filter(lambda x: 'booleans' in x and x['source'] == setype, search([ALLOW, DONTAUDIT]))): + for i in map(lambda x: x['booleans'], filter(lambda x: 'booleans' in x and x['source'] == setype, get_all_bool_rules())): for b in i: if not isinstance(b, tuple): continue |