HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |DESCRIPTION |NOTES |AUTHOR |SEE ALSO |COLOPHON | |
avc_cache_stats(3) SELinux API documentationavc_cache_stats(3)avc_cache_stats, avc_av_stats, avc_sid_stats - obtain userspace SELinux AVC statistics
#include <selinux/selinux.h>#include <selinux/avc.h>void avc_av_stats(void);void avc_sid_stats(void);void avc_cache_stats(struct avc_cache_stats *stats);
The userspace AVC maintains two internal hash tables, one to store security ID's and one to cache access decisions.avc_av_stats() andavc_sid_stats() produce log messages indicating the status of the access decision and SID tables, respectively. The messages contain the number of entries in the table, number of hash buckets and number of buckets used, and maximum number of entries in a single bucket.avc_cache_stats() populates a structure whose fields reflect cache activity: struct avc_cache_stats { unsigned entry_lookups; unsigned entry_hits; unsigned entry_misses; unsigned entry_discards; unsigned cav_lookups; unsigned cav_hits; unsigned cav_probes; unsigned cav_misses; };entry_lookups Number of queries made.entry_hits Number of times a decision was found in theaeref argument.entry_misses Number of times a decision was not found in theaeref argument.entry_discards Number of times a decision was not found in theaeref argument and theaeref argument was non-NULL.cav_lookups Number of cache lookups.cav_hits Number of cache hits.cav_misses Number of cache misses.cav_probes Number of entries examined while searching the cache.When the cache is flushed as a result of a call toavc_reset() or a policy change notification, the statistics returned byavc_cache_stats() are reset to zero. The SID table, however, is left unchanged. When a policy change notification is received, a call toavc_av_stats() is made before the cache is flushed.
Eamon Walsh <ewalsh@tycho.nsa.gov>
avc_init(3),avc_has_perm(3),avc_context_to_sid(3),avc_add_callback(3),selinux(8)
This page is part of theselinux (Security-Enhanced Linux user- space libraries and tools) project. Information about the project can be found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩. If you have a bug report for this manual page, see ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩. This page was obtained from the project's upstream Git repository ⟨https://github.com/SELinuxProject/selinux⟩ on 2025-08-11. (At that time, the date of the most recent commit that was found in the repository was 2025-08-04.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.org 27 May 2004avc_cache_stats(3)Pages that refer to this page:avc_add_callback(3), avc_context_to_sid(3), avc_has_perm(3), avc_open(3)
HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |