Date: Sat, 13 Jul 2002 15:51:52 -0700 (PDT)
Message-Id: <200207132251.g6DMpqgd070364@freefall.freebsd.org>
From: Robert Watson
Subject: PERFORCE change 14200 for review
To: Perforce Change Reviews
Sender: owner-p4-projects@FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14200

Change 14200 by rwatson@rwatson_paprika on 2002/07/13 15:51:43

	Cache EA labels in the vnode so we don't keep hitting the EA
	and polluting the buffer cache.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#166 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#166 (text+ko) ====
@@ -128,6 +128,15 @@ SYSCTL_INT(_security_mac, OID_AUTO, label_size, CTLFLAG_RD, &mac_label_size, 0, "Pre-compiled MAC label size"); +static unsigned int mac_ea_cache_hits = 0; +SYSCTL_UINT(_security_mac, OID_AUTO, ea_cache_hits, CTLFLAG_RD, + &mac_ea_cache_hits, 0, + "How often cached label can be used for EA backing"); +static unsigned int mac_ea_cache_misses = 0; +SYSCTL_UINT(_security_mac, OID_AUTO, ea_cache_misses, CTLFLAG_RD, + &mac_ea_cache_misses, 0, + "How often cached label cannot be used for EA backing"); + static int error_select(int error1, int error2); static int mac_externalize(struct label *label, struct mac *mac); static int mac_policy_register(struct mac_policy_conf *mpc); @@ -902,6 +911,14 @@ struct mac extmac; int buflen, error; + ASSERT_VOP_LOCKED(vp, "vop_stdrefreshlabel_ea"); + + if (vp->v_flag & VCACHEDLABEL) { + mac_ea_cache_hits++; + return (0); + } else + mac_ea_cache_misses++; + buflen = sizeof(extmac); error = vn_extattr_get(vp, IO_NODELOCKED, FREEBSD_MAC_EXTATTR_NAMESPACE, FREEBSD_MAC_EXTATTR_NAME, &buflen, @@ -913,7 +930,9 @@ case ENOATTR: /* - * Use the label from the mount point. + * Use the label from the mount point. Since we may want + * to let this label be updated, don't set the caching + * flag. */ mac_update_vnode_from_mount(vp, vp->v_mount); error = 0; @@ -928,7 +947,9 @@ error = EPERM; /* Fail very closed. */ if (error == 0) error = mac_update_vnode_from_externalized(vp, &extmac); - if (error) { + if (error == 0) + vp->v_flag |= VCACHEDLABEL; + else { struct vattr va; printf("Corrupted label on %s", 
@@ -952,7 +973,10 @@ * Make sure the vnode label is up-to-date. If EOPNOTSUPP, then we handle * the labeling activity outselves. Filesystems should be careful not * to change their minds regarding whether they support vop_refreshlabel() - * for a vnode or not. + * for a vnode or not. Don't cache the vnode here, allow the file + * system code to determine if it's safe to cache. If we update from + * the mount, don't cache since a change to the mount label should affect + * all vnodes. */ static int vn_refreshlabel(struct vnode *vp, struct ucred *cred) @@ -1002,7 +1026,8 @@ * Helper function for file systems using the vop_std*_ea() calls. This * function must be called after EA service is available for the vnode, * but before it's hooked up to the namespace so that the node persists - * if there's a crash, or before it can be accessed. + * if there's a crash, or before it can be accessed. On successful + * commit of the label to disk (etc), do cache the label. */ int mac_stdcreatevnode_ea(struct vnode *dvp, struct vnode *tvp, struct ucred *cred) @@ -1032,7 +1057,9 @@ error = vn_extattr_set(tvp, IO_NODELOCKED, FREEBSD_MAC_EXTATTR_NAMESPACE, FREEBSD_MAC_EXTATTR_NAME, sizeof(extmac), (char *)&extmac, curthread); - if (error) { + if (error == 0) + tvp->v_flag |= VCACHEDLABEL; + else { #if 0 /* * In theory, we could have fall-back behavior here. @@ -2284,6 +2311,8 @@ struct mac extmac; int error; + ASSERT_VOP_LOCKED(vp, "vop_stdsetlabel_ea"); + if ((vp->v_mount->mnt_flag & MNT_MULTILABEL) == 0) return (EOPNOTSUPP); @@ -2299,6 +2328,8 @@ mac_relabel_vnode(ap->a_cred, vp, intlabel); + vp->v_flag |= VCACHEDLABEL; + return (0); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
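
Review bot: The counters declared in the @@ -128 hunk are plain `static unsigned int` and are bumped with `mac_ea_cache_hits++` / `mac_ea_cache_misses++` in the @@ -902 hunk while holding only the per-vnode lock, so concurrent refreshes on different vnodes can lose updates. If these are meant as rough tuning hints, say "approximate" in the sysctl description strings; if they are meant to be exact, use `atomic_add_int()` instead of `++`.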
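
Review bot: In the @@ -902 hunk, the early `return (0)` when `vp->v_flag & VCACHEDLABEL` is set means the in-memory label is trusted for as long as the flag stays set, yet none of the hunks in this change ever clears it. Please point to (or add) the place where the flag is reset, and add a comment above this check stating what invalidates the cached label, so that a vnode cannot go on enforcing a label that no longer matches the extended attribute on disk.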
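
Review bot: In the @@ -913 hunk, the `ENOATTR` case deliberately leaves `VCACHEDLABEL` unset, so every refresh of a vnode that has no label attribute still falls through to `vn_extattr_get()` and is counted in `mac_ea_cache_misses`. On a file system where most files are unlabeled the cache then saves nothing, and the miss counter mixes "not cached yet" with "never cacheable". Consider counting the `ENOATTR` fallback separately, and extend the new comment to say that this path still reads the EA on every call.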
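
Review bot: The @@ -1032 hunk sets `tvp->v_flag |= VCACHEDLABEL` in mac_stdcreatevnode_ea() without the lock assertion that this change adds to the other two functions that touch the flag (`ASSERT_VOP_LOCKED(vp, "vop_stdrefreshlabel_ea")` and `ASSERT_VOP_LOCKED(vp, "vop_stdsetlabel_ea")`). If `tvp` is expected to be locked here, add the matching `ASSERT_VOP_LOCKED(tvp, ...)` at the top of the function; if it is not, say in the function comment why modifying `v_flag` is safe at this point.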