Hi @tiann.
Thanks for the great project, I had great fun playing around with it.
This PR mainly tries to further minimize the possible delays caused by
KernelSU hooking.
There are 3 major changes:
- Processes with 0 < UID < 2000 are blocked straight-up before going
through the allow_list.
I don't see any need for such processes to be interested in root, and
this allows returning early before going through a more expensive
lookup.
If there's an expected breakage due to this change, I'll remove it. Let
me know.
- A page-sized (4K) bitmap is added.
This allows O(1) lookup for UID <= 32767.
This speeds up `ksu_is_allow_uid()` by about 4.8x by sacrificing a 4K
memory. IMHO, a good trade-off.
Most notably, this reduces the 99.999% result previously from worrying
milliseconds scale to microseconds scale.
For UID > 32767, another page-sized (4K) sequential array is used to
cache allow_list.
Compared to the previous PR #557, this new approach gives another nice
25% performance boost in average, 63-96% boost in worst cases.
Benchmark results are available at
https://docs.google.com/spreadsheets/d/1w_tO1zRLPNMFRer49pL1TQfL6ndEhilRrDU1XFIcWXY/edit?usp=sharing
Thanks!
---------
Signed-off-by: Juhyung Park <qkrwngud825@gmail.com>
RealKing kernel has included kernelsu officially, so I don't need to
keep maintaining this fork. With the consent of the author of the
RealKing kernel, the maintainer information here is updated to his.
- Seen with Linux 4.14 kernel with error message:
In file included from ../drivers/android/kernelsu/selinux/sepolicy.c:1:
In file included from ../drivers/android/kernelsu/selinux/sepolicy.h:6:
In file included from ../security/selinux/ss/policydb.h:30: In file
included from ../security/selinux/ss/avtab.h:26:
../security/selinux/include/security.h:240:10: error: use of undeclared
identifier 'EIDRM'
return -EIDRM;
^
CC drivers/base/transport_class.o
CC kernel/rcu/update.o
../security/selinux/include/security.h:246:10: error: use of undeclared
identifier 'ENOENT'
return -ENOENT;
^
