|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | NOTES | AUTHOR | SEE ALSO | COLOPHON |
|
|
|
avc_cache_stats(3) SELinux API documentation avc_cache_stats(3)
avc_cache_stats, avc_av_stats, avc_sid_stats - obtain userspace
SELinux AVC statistics
#include <selinux/selinux.h>
#include <selinux/avc.h>
void avc_av_stats(void);
void avc_sid_stats(void);
void avc_cache_stats(struct avc_cache_stats *stats);
The userspace AVC maintains two internal hash tables, one to store
security ID's and one to cache access decisions.
avc_av_stats() and avc_sid_stats() produce log messages indicating
the status of the access decision and SID tables, respectively.
The messages contain the number of entries in the table, number of
hash buckets and number of buckets used, and maximum number of
entries in a single bucket.
avc_cache_stats() populates a structure whose fields reflect cache
activity:
struct avc_cache_stats {
unsigned entry_lookups;
unsigned entry_hits;
unsigned entry_misses;
unsigned entry_discards;
unsigned cav_lookups;
unsigned cav_hits;
unsigned cav_probes;
unsigned cav_misses;
};
entry_lookups
Number of queries made.
entry_hits
Number of times a decision was found in the aeref argument.
entry_misses
Number of times a decision was not found in the aeref
argument.
entry_discards
Number of times a decision was not found in the aeref
argument and the aeref argument was non-NULL.
cav_lookups
Number of cache lookups.
cav_hits
Number of cache hits.
cav_misses
Number of cache misses.
cav_probes
Number of entries examined while searching the cache.
When the cache is flushed as a result of a call to avc_reset() or
a policy change notification, the statistics returned by
avc_cache_stats() are reset to zero. The SID table, however, is
left unchanged.
When a policy change notification is received, a call to
avc_av_stats() is made before the cache is flushed.
Eamon Walsh <ewalsh@tycho.nsa.gov>
avc_init(3), avc_has_perm(3), avc_context_to_sid(3),
avc_add_callback(3), selinux(8)
This page is part of the selinux (Security-Enhanced Linux user-
space libraries and tools) project. Information about the project
can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩.
If you have a bug report for this manual page, see
⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/SELinuxProject/selinux⟩ on 2025-08-11. (At
that time, the date of the most recent commit that was found in
the repository was 2025-08-04.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
27 May 2004 avc_cache_stats(3)
Pages that refer to this page: avc_add_callback(3), avc_context_to_sid(3), avc_has_perm(3), avc_open(3)
|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|