LU-549 llite: Improve statfs performance if selinux is disabled

Even if selinux is disabled, client still tries to get selinux
attributes from MDS. As xattrs are not yet cached, this significantly
slows down xattr heavy operations like ls -l. This patch forces
to return -EOPNOTSUPP on the client side if selinux is disabled.
It speeds up ls -l 25% for cold-cache case and 50% for hot-cache
case.

Signed-off-by: Yevheniy Demchenko <zheka@uvt.cz>
Change-Id: I5e416093bba4126e5fcad62d8c0a2963c1866386
Reviewed-on: http://review.whamcloud.com/2503
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Tested-by: Hudson
Tested-by: Maloo <whamcloud.maloo@gmail.com>
Reviewed-by: Fan Yong <yong.fan@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/autoconf/lustre-core.m4 b/lustre/autoconf/lustre-core.m4
index eec0990..838f37e 100644 (file)
--- a/lustre/autoconf/lustre-core.m4
+++ b/lustre/autoconf/lustre-core.m4
@@ -1765,6 +1765,22 @@ AC_DEFUN([LC_SET_CPUS_ALLOWED],
                            [set_cpus_allowed is exported by the kernel])],
                 [AC_MSG_RESULT([no])] )])
 
+# 2.6.32 introduces selinux_is_enabled()
+AC_DEFUN([LC_SELINUX_IS_ENABLED],
+[AC_MSG_CHECKING([if selinux_is_enabled is available])
+LB_LINUX_TRY_COMPILE([
+        #include <linux/selinux.h>
+],[
+        selinux_is_enabled();
+],[
+        AC_MSG_RESULT([yes])
+        AC_DEFINE(HAVE_SELINUX_IS_ENABLED, 1,
+                [selinux_is_enabled is defined])
+],[
+        AC_MSG_RESULT([no])
+])
+])
+
 #
 # LC_D_OBTAIN_ALIAS
 # starting from 2.6.28 kernel replaces d_alloc_anon() with
@@ -2111,6 +2127,7 @@ AC_DEFUN([LC_PROG_LINUX],
          LC_SET_CPUS_ALLOWED
          LC_CACHE_UPCALL
          LC_EXPORT_GENERIC_ERROR_REMOVE_PAGE
+         LC_SELINUX_IS_ENABLED
 
          # 2.6.35, 3.0.0
          LC_FILE_FSYNC

diff --git a/lustre/include/linux/lustre_compat25.h b/lustre/include/linux/lustre_compat25.h
index 0a97aa1..044b6e9 100644 (file)
--- a/lustre/include/linux/lustre_compat25.h
+++ b/lustre/include/linux/lustre_compat25.h
@@ -858,5 +858,12 @@ static inline int ll_quota_off(struct super_block *sb, int off, int remount)
 # define TIMES_SET_FLAGS (ATTR_MTIME_SET | ATTR_ATIME_SET)
 #endif
 
+#ifndef HAVE_SELINUX_IS_ENABLED
+static inline bool selinux_is_enabled(void)
+{
+        return 0;
+}
+#endif
+
 #endif /* __KERNEL__ */
 #endif /* _COMPAT25_H */

diff --git a/lustre/llite/xattr.c b/lustre/llite/xattr.c
index cb1a2f0..863f98b 100644 (file)
--- a/lustre/llite/xattr.c
+++ b/lustre/llite/xattr.c
@@ -40,6 +40,9 @@
 #include <linux/sched.h>
 #include <linux/mm.h>
 #include <linux/smp_lock.h>
+#ifdef HAVE_SELINUX_IS_ENABLED
+#include <linux/selinux.h>
+#endif
 
 #define DEBUG_SUBSYSTEM S_LLITE
 
@@ -95,6 +98,8 @@ int xattr_type_filter(struct ll_sb_info *sbi, int xattr_type)
            !(sbi->ll_flags & LL_SBI_ACL))
                 return -EOPNOTSUPP;
 
+        if (xattr_type == XATTR_SECURITY_T && !selinux_is_enabled())
+                return -EOPNOTSUPP;
         if (xattr_type == XATTR_USER_T && !(sbi->ll_flags & LL_SBI_USER_XATTR))
                 return -EOPNOTSUPP;
         if (xattr_type == XATTR_TRUSTED_T && !cfs_capable(CFS_CAP_SYS_ADMIN))