centos man page for avc_cache_stats

Centos Man Pages All Man Pages Latest Topics Forum Categories

Query: avc_cache_stats

OS: centos

Section: 3

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

avc_cache_stats(3)					     SELinux API documentation						avc_cache_stats(3)


NAME

       avc_cache_stats, avc_av_stats, avc_sid_stats - obtain userspace SELinux AVC statistics


SYNOPSIS

       #include <selinux/selinux.h>
       #include <selinux/avc.h>

       void avc_av_stats(void);

       void avc_sid_stats(void);

       void avc_cache_stats(struct avc_cache_stats *stats);


DESCRIPTION

       The userspace AVC maintains two internal hash tables, one to store security ID's and one to cache access decisions.

       avc_av_stats()  and  avc_sid_stats()  produce  log messages indicating the status of the access decision and SID tables, respectively.  The
       messages contain the number of entries in the table, number of hash buckets and number of buckets used, and maximum number of entries in  a
       single bucket.

       avc_cache_stats() populates a structure whose fields reflect cache activity:

	      struct avc_cache_stats {
		  unsigned  entry_lookups;
		  unsigned  entry_hits;
		  unsigned  entry_misses;
		  unsigned  entry_discards;
		  unsigned  cav_lookups;
		  unsigned  cav_hits;
		  unsigned  cav_probes;
		  unsigned  cav_misses;
	      };

       entry_lookups
	      Number of queries made.

       entry_hits
	      Number of times a decision was found in the aeref argument.

       entry_misses
	      Number of times a decision was not found in the aeref argument.

       entry_discards
	      Number of times a decision was not found in the aeref argument and the aeref argument was non-NULL.

       cav_lookups
	      Number of cache lookups.

       cav_hits
	      Number of cache hits.

       cav_misses
	      Number of cache misses.

       cav_probes
	      Number of entries examined while searching the cache.


NOTES

       When  the  cache  is  flushed  as  a  result  of  a  call  to  avc_reset()  or  a  policy  change  notification, the statistics returned by
       avc_cache_stats() are reset to zero.  The SID table, however, is left unchanged.

       When a policy change notification is received, a call to avc_av_stats() is made before the cache is flushed.


AUTHOR

       Eamon Walsh <ewalsh@tycho.nsa.gov>


SEE ALSO

       avc_init(3), avc_has_perm(3), avc_context_to_sid(3), avc_add_callback(3), selinux(8)

								    27 May 2004 						avc_cache_stats(3)
Related Man Pages
avc_destroy(3) - centos
avc_has_perm_noaudit(3) - debian
avc_entry_ref_init(3) - centos
avc_has_perm_noaudit(3) - centos
avc_sid_stats(3) - centos
Similar Topics in the Unix Linux Community
Sanity From the 1st Post-Bilski Decision from BPAI: In Re Proudler