From 49f84f0719f99675e1c08e1b5559e52ec22d3a8b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 17 Nov 2014 12:52:35 +0100 Subject: [PATCH] s3:smbprofile: improve profiling for the security context switching. Signed-off-by: Stefan Metzmacher Reviewed-by: Jeremy Allison --- source3/include/smbprofile.h | 5 ++++- source3/smbd/sec_ctx.c | 24 +++++++++++++++++++++--- 2 files changed, 25 insertions(+), 4 deletions(-) diff --git a/source3/include/smbprofile.h b/source3/include/smbprofile.h index 344133c637f..ba7a0b33fce 100644 --- a/source3/include/smbprofile.h +++ b/source3/include/smbprofile.h @@ -28,7 +28,10 @@ \ SMBPROFILE_STATS_SECTION_START("SMBD loop") \ SMBPROFILE_STATS_COUNT(request) \ - SMBPROFILE_STATS_COUNT(uid_changes) \ + SMBPROFILE_STATS_BASIC(push_sec_ctx) \ + SMBPROFILE_STATS_BASIC(set_sec_ctx) \ + SMBPROFILE_STATS_BASIC(set_root_sec_ctx) \ + SMBPROFILE_STATS_BASIC(pop_sec_ctx) \ SMBPROFILE_STATS_BASIC(smbd_idle) \ SMBPROFILE_STATS_SECTION_END \ \ diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c index 5dda07e6c08..33d987fbe70 100644 --- a/source3/smbd/sec_ctx.c +++ b/source3/smbd/sec_ctx.c @@ -66,7 +66,6 @@ static bool become_uid(uid_t uid) set_effective_uid(uid); - DO_PROFILE_INC(uid_changes); return True; } @@ -196,6 +195,8 @@ bool push_sec_ctx(void) { struct sec_ctx *ctx_p; + START_PROFILE(push_sec_ctx); + /* Check we don't overflow our stack */ if (sec_ctx_stack_ndx == MAX_SEC_CTX_DEPTH) { @@ -232,6 +233,8 @@ bool push_sec_ctx(void) ctx_p->ut.groups = NULL; } + END_PROFILE(push_sec_ctx); + return True; } @@ -306,7 +309,9 @@ static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *grou Set the current security context to a given user. ****************************************************************************/ -void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const struct security_token *token) +static void set_sec_ctx_internal(uid_t uid, gid_t gid, + int ngroups, gid_t *groups, + const struct security_token *token) { struct sec_ctx *ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx]; @@ -358,6 +363,13 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const struct current_user.nt_user_token = ctx_p->token; } +void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const struct security_token *token) +{ + START_PROFILE(set_sec_ctx); + set_sec_ctx_internal(uid, gid, ngroups, groups, token); + END_PROFILE(set_sec_ctx); +} + /**************************************************************************** Become root context. ****************************************************************************/ @@ -366,7 +378,9 @@ void set_root_sec_ctx(void) { /* May need to worry about supplementary groups at some stage */ - set_sec_ctx(0, 0, 0, NULL, NULL); + START_PROFILE(set_root_sec_ctx); + set_sec_ctx_internal(0, 0, 0, NULL, NULL); + END_PROFILE(set_root_sec_ctx); } /**************************************************************************** @@ -378,6 +392,8 @@ bool pop_sec_ctx(void) struct sec_ctx *ctx_p; struct sec_ctx *prev_ctx_p; + START_PROFILE(pop_sec_ctx); + /* Check for stack underflow */ if (sec_ctx_stack_ndx == 0) { @@ -417,6 +433,8 @@ bool pop_sec_ctx(void) current_user.ut.groups = prev_ctx_p->ut.groups; current_user.nt_user_token = prev_ctx_p->token; + END_PROFILE(pop_sec_ctx); + DEBUG(4, ("pop_sec_ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", (unsigned int)geteuid(), (unsigned int)getegid(), sec_ctx_stack_ndx)); -- 2.11.4.GIT