projects / linux-2.6-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f47acc4) | patch
apparmor: use zstd compression for profile data
authorJon Tourville <jon.tourville@canonical.com>
Mon, 11 Jul 2022 16:36:08 +0000 (11:36 -0500)
committerJohn Johansen <john.johansen@canonical.com>
Mon, 3 Oct 2022 21:49:02 +0000 (14:49 -0700)
commitf4d6b94b40c966ddd9eeb0d451e8a02c595ec7e3
tree918cf11a9d4d6ccc6f362f4ee149586bff23c1fctree | snapshot
parentf47acc4b7c43d566bf42816335830c4c17f9c200commit | diff
apparmor: use zstd compression for profile data

Change the algorithm used by apparmor to compress profile data from
zlib to zstd, using the new zstd API introduced in 5.16.

Zstd provides a larger range of compression levels than zlib and
significantly better performance at the default level (for a relatively
small increase in compressed size).

The apparmor module parameter raw_data_compression_level is now clamped
to the minimum and maximum compression levels reported by the zstd
library. A compression level of 0 retains the previous behavior of
disabling policy compression instead of using zstd's behavior, which is
to use the default compression level.

Signed-off-by: Jon Tourville <jon.tourville@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/Kconfig diff | blob | blame | history
security/apparmor/apparmorfs.c diff | blob | blame | history
security/apparmor/lsm.c diff | blob | blame | history
security/apparmor/policy_unpack.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)