]> err.no Git - systemd/commitdiff
selinux: don't relabel /run/initramfs
authorLennart Poettering <lennart@poettering.net>
Mon, 29 Aug 2011 22:16:00 +0000 (00:16 +0200)
committerLennart Poettering <lennart@poettering.net>
Mon, 29 Aug 2011 22:16:00 +0000 (00:16 +0200)
/run/initramfs usually contains the initrd so that we can jump back into
it on shutdown. It's usually relatively large and static data, hence we
should avoid relabelling of it. On my netbook this saves 6s. (6.6s
needed for relabelling /dev and /run goes down to 600ms -- still way too
much, but much better).

src/mount-setup.c

index abb0c19d2543e110478831b5ee9a5e944497b87f..f70c4d46f3b9a78f977e6086917eed63a9a20c0d 100644 (file)
@@ -344,11 +344,18 @@ static int nftw_cb(
                 struct FTW *ftwbuf) {
 
         /* No need to label /dev twice in a row... */
-        if (ftwbuf->level == 0)
-                return 0;
+        if (_unlikely_(ftwbuf->level == 0))
+                return FTW_CONTINUE;
+
+        /* /run/initramfs is static data and big, no need to
+         * dynamically relabel it at boot... */
+        if (_unlikely_(ftwbuf->level == 1 &&
+                      tflag == FTW_D &&
+                      streq(fpath, "/run/initramfs")))
+                return FTW_SKIP_SUBTREE;
 
         label_fix(fpath, true);
-        return 0;
+        return FTW_CONTINUE;
 };
 
 int mount_setup(bool loaded_policy) {
@@ -381,8 +388,8 @@ int mount_setup(bool loaded_policy) {
 
                 before_relabel = now(CLOCK_MONOTONIC);
 
-                nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS);
-                nftw("/run", nftw_cb, 64, FTW_MOUNT|FTW_PHYS);
+                nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
+                nftw("/run", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
 
                 after_relabel = now(CLOCK_MONOTONIC);