-----BEGIN PGP SIGNED MESSAGE-----
On 06/23/2011 08:58 AM, Pádraig Brady wrote:
> On 23/06/11 12:28, Lennart Poettering wrote:
>> On Thu, 23.06.11 12:58, yersinia (firstname.lastname@example.org) wrote:
>>> Perhaps it is of interest to this list that Phonorix has produced a new
>>> benchmark about the performance impact of SELinux on
>>> Fedora 15. Look very good
>>> http://www.phoronix.com/scan.php?page=article&item=fedora_15_selinux&num=2 .
>> The biggest impact it has on boot time really. Might be worth measuring that.
> A work colleague here did that a couple of days ago.
> To boot to a usable desktop with stock F15 with gdm auto login:
> with selinux: 43s
> without selinux: 24s
> Hardware is pinetrail netbook (1.6GHz Atom N455).
> 2GB RAM and SSD limited by SATA I interface.
We have found one problem in libselinux that could account for some of
the slowdown, but not much, this increases the spead of matchpathcon.
We have fixed this in F16.
Tests conducted in Rawhide.
systemd reads in policy file and loads it in the kernel.
# du -m /etc/selinux/targeted/policy/policy.26
The load_policy command on my T61 does pretty much the equivalent.
# time load_policy
systemd and udev both load the file_context files and create regexs
based on these files. matchpathcon does the equivalent.
time matchpathcon /dev
Obviously this is a more powerful machine then the Atom, but I would
figure loading of the policy is the culprit.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
selinux mailing list