libsepol: implement POLICYDB_VERSION_COMP_FTRANS

Browse Source

Implement a new, more space-efficient form of storing filename
transitions in the binary policy. The internal structures have already
been converted to this new representation; this patch just implements
reading/writing an equivalent representation from/to the binary policy.

This new format reduces the size of Fedora policy from 7.6 MB to only
3.3 MB (with policy optimization enabled in both cases). With the
unconfined module disabled, the size is reduced from 3.3 MB to 2.4 MB.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>

...

This commit is contained in:

Ondrej Mosnacek 2020-07-31 13:10:35 +02:00 committed by Stephen Smalley

parent 42ae834a74

commit 8206b8cb00

3 changed files with 253 additions and 54 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Show Stats Download Patch File Download Diff File Expand all files Collapse all files