diff options
author | Paul Moore <paul.moore@hp.com> | 2008-01-29 08:37:52 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-01-29 16:17:16 -0500 |
commit | c783f1ce5712530ba404807c55d77ac782eb8a7d (patch) | |
tree | 3153ec98b5c6d57eb5a0aad43389d4faa6d63586 /net | |
parent | 0ba6c33bcddc64a54b5f1c25a696c4767dc76292 (diff) |
NetLabel: Remove unneeded RCU read locks
This patch removes some unneeded RCU read locks as we can treat the reads as
"safe" even without RCU. It also converts the NetLabel configuration refcount
from a spinlock protected u32 into atomic_t to be more consistent with the rest
of the kernel.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net')
-rw-r--r-- | net/netlabel/netlabel_cipso_v4.c | 5 | ||||
-rw-r--r-- | net/netlabel/netlabel_kapi.c | 3 | ||||
-rw-r--r-- | net/netlabel/netlabel_mgmt.c | 63 | ||||
-rw-r--r-- | net/netlabel/netlabel_mgmt.h | 7 | ||||
-rw-r--r-- | net/netlabel/netlabel_unlabeled.c | 22 |
5 files changed, 15 insertions, 85 deletions
diff --git a/net/netlabel/netlabel_cipso_v4.c b/net/netlabel/netlabel_cipso_v4.c index ba0ca8d3f77d..becf91a952ae 100644 --- a/net/netlabel/netlabel_cipso_v4.c +++ b/net/netlabel/netlabel_cipso_v4.c | |||
@@ -38,6 +38,7 @@ | |||
38 | #include <net/genetlink.h> | 38 | #include <net/genetlink.h> |
39 | #include <net/netlabel.h> | 39 | #include <net/netlabel.h> |
40 | #include <net/cipso_ipv4.h> | 40 | #include <net/cipso_ipv4.h> |
41 | #include <asm/atomic.h> | ||
41 | 42 | ||
42 | #include "netlabel_user.h" | 43 | #include "netlabel_user.h" |
43 | #include "netlabel_cipso_v4.h" | 44 | #include "netlabel_cipso_v4.h" |
@@ -421,7 +422,7 @@ static int netlbl_cipsov4_add(struct sk_buff *skb, struct genl_info *info) | |||
421 | break; | 422 | break; |
422 | } | 423 | } |
423 | if (ret_val == 0) | 424 | if (ret_val == 0) |
424 | netlbl_mgmt_protocount_inc(); | 425 | atomic_inc(&netlabel_mgmt_protocount); |
425 | 426 | ||
426 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, | 427 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_ADD, |
427 | &audit_info); | 428 | &audit_info); |
@@ -698,7 +699,7 @@ static int netlbl_cipsov4_remove(struct sk_buff *skb, struct genl_info *info) | |||
698 | &audit_info, | 699 | &audit_info, |
699 | netlbl_cipsov4_doi_free); | 700 | netlbl_cipsov4_doi_free); |
700 | if (ret_val == 0) | 701 | if (ret_val == 0) |
701 | netlbl_mgmt_protocount_dec(); | 702 | atomic_dec(&netlabel_mgmt_protocount); |
702 | 703 | ||
703 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, | 704 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_CIPSOV4_DEL, |
704 | &audit_info); | 705 | &audit_info); |
diff --git a/net/netlabel/netlabel_kapi.c b/net/netlabel/netlabel_kapi.c index 4f50949722a9..d3762ea24957 100644 --- a/net/netlabel/netlabel_kapi.c +++ b/net/netlabel/netlabel_kapi.c | |||
@@ -34,6 +34,7 @@ | |||
34 | #include <net/netlabel.h> | 34 | #include <net/netlabel.h> |
35 | #include <net/cipso_ipv4.h> | 35 | #include <net/cipso_ipv4.h> |
36 | #include <asm/bug.h> | 36 | #include <asm/bug.h> |
37 | #include <asm/atomic.h> | ||
37 | 38 | ||
38 | #include "netlabel_domainhash.h" | 39 | #include "netlabel_domainhash.h" |
39 | #include "netlabel_unlabeled.h" | 40 | #include "netlabel_unlabeled.h" |
@@ -262,7 +263,7 @@ int netlbl_enabled(void) | |||
262 | /* At some point we probably want to expose this mechanism to the user | 263 | /* At some point we probably want to expose this mechanism to the user |
263 | * as well so that admins can toggle NetLabel regardless of the | 264 | * as well so that admins can toggle NetLabel regardless of the |
264 | * configuration */ | 265 | * configuration */ |
265 | return (netlbl_mgmt_protocount_value() > 0 ? 1 : 0); | 266 | return (atomic_read(&netlabel_mgmt_protocount) > 0); |
266 | } | 267 | } |
267 | 268 | ||
268 | /** | 269 | /** |
diff --git a/net/netlabel/netlabel_mgmt.c b/net/netlabel/netlabel_mgmt.c index 9c41464d58d1..e2258dc3c845 100644 --- a/net/netlabel/netlabel_mgmt.c +++ b/net/netlabel/netlabel_mgmt.c | |||
@@ -37,14 +37,14 @@ | |||
37 | #include <net/genetlink.h> | 37 | #include <net/genetlink.h> |
38 | #include <net/netlabel.h> | 38 | #include <net/netlabel.h> |
39 | #include <net/cipso_ipv4.h> | 39 | #include <net/cipso_ipv4.h> |
40 | #include <asm/atomic.h> | ||
40 | 41 | ||
41 | #include "netlabel_domainhash.h" | 42 | #include "netlabel_domainhash.h" |
42 | #include "netlabel_user.h" | 43 | #include "netlabel_user.h" |
43 | #include "netlabel_mgmt.h" | 44 | #include "netlabel_mgmt.h" |
44 | 45 | ||
45 | /* NetLabel configured protocol count */ | 46 | /* NetLabel configured protocol counter */ |
46 | static DEFINE_SPINLOCK(netlabel_mgmt_protocount_lock); | 47 | atomic_t netlabel_mgmt_protocount = ATOMIC_INIT(0); |
47 | static u32 netlabel_mgmt_protocount = 0; | ||
48 | 48 | ||
49 | /* Argument struct for netlbl_domhsh_walk() */ | 49 | /* Argument struct for netlbl_domhsh_walk() */ |
50 | struct netlbl_domhsh_walk_arg { | 50 | struct netlbl_domhsh_walk_arg { |
@@ -71,63 +71,6 @@ static const struct nla_policy netlbl_mgmt_genl_policy[NLBL_MGMT_A_MAX + 1] = { | |||
71 | }; | 71 | }; |
72 | 72 | ||
73 | /* | 73 | /* |
74 | * NetLabel Misc Management Functions | ||
75 | */ | ||
76 | |||
77 | /** | ||
78 | * netlbl_mgmt_protocount_inc - Increment the configured labeled protocol count | ||
79 | * | ||
80 | * Description: | ||
81 | * Increment the number of labeled protocol configurations in the current | ||
82 | * NetLabel configuration. Keep track of this for use in determining if | ||
83 | * NetLabel label enforcement should be active/enabled or not in the LSM. | ||
84 | * | ||
85 | */ | ||
86 | void netlbl_mgmt_protocount_inc(void) | ||
87 | { | ||
88 | spin_lock(&netlabel_mgmt_protocount_lock); | ||
89 | netlabel_mgmt_protocount++; | ||
90 | spin_unlock(&netlabel_mgmt_protocount_lock); | ||
91 | } | ||
92 | |||
93 | /** | ||
94 | * netlbl_mgmt_protocount_dec - Decrement the configured labeled protocol count | ||
95 | * | ||
96 | * Description: | ||
97 | * Decrement the number of labeled protocol configurations in the current | ||
98 | * NetLabel configuration. Keep track of this for use in determining if | ||
99 | * NetLabel label enforcement should be active/enabled or not in the LSM. | ||
100 | * | ||
101 | */ | ||
102 | void netlbl_mgmt_protocount_dec(void) | ||
103 | { | ||
104 | spin_lock(&netlabel_mgmt_protocount_lock); | ||
105 | if (netlabel_mgmt_protocount > 0) | ||
106 | netlabel_mgmt_protocount--; | ||
107 | spin_unlock(&netlabel_mgmt_protocount_lock); | ||
108 | } | ||
109 | |||
110 | /** | ||
111 | * netlbl_mgmt_protocount_value - Return the number of configured protocols | ||
112 | * | ||
113 | * Description: | ||
114 | * Return the number of labeled protocols in the current NetLabel | ||
115 | * configuration. This value is useful in determining if NetLabel label | ||
116 | * enforcement should be active/enabled or not in the LSM. | ||
117 | * | ||
118 | */ | ||
119 | u32 netlbl_mgmt_protocount_value(void) | ||
120 | { | ||
121 | u32 val; | ||
122 | |||
123 | rcu_read_lock(); | ||
124 | val = netlabel_mgmt_protocount; | ||
125 | rcu_read_unlock(); | ||
126 | |||
127 | return val; | ||
128 | } | ||
129 | |||
130 | /* | ||
131 | * NetLabel Command Handlers | 74 | * NetLabel Command Handlers |
132 | */ | 75 | */ |
133 | 76 | ||
diff --git a/net/netlabel/netlabel_mgmt.h b/net/netlabel/netlabel_mgmt.h index ccb2b3923591..a43bff169d6b 100644 --- a/net/netlabel/netlabel_mgmt.h +++ b/net/netlabel/netlabel_mgmt.h | |||
@@ -32,6 +32,7 @@ | |||
32 | #define _NETLABEL_MGMT_H | 32 | #define _NETLABEL_MGMT_H |
33 | 33 | ||
34 | #include <net/netlabel.h> | 34 | #include <net/netlabel.h> |
35 | #include <asm/atomic.h> | ||
35 | 36 | ||
36 | /* | 37 | /* |
37 | * The following NetLabel payloads are supported by the management interface. | 38 | * The following NetLabel payloads are supported by the management interface. |
@@ -168,9 +169,7 @@ enum { | |||
168 | /* NetLabel protocol functions */ | 169 | /* NetLabel protocol functions */ |
169 | int netlbl_mgmt_genl_init(void); | 170 | int netlbl_mgmt_genl_init(void); |
170 | 171 | ||
171 | /* NetLabel misc management functions */ | 172 | /* NetLabel configured protocol reference counter */ |
172 | void netlbl_mgmt_protocount_inc(void); | 173 | extern atomic_t netlabel_mgmt_protocount; |
173 | void netlbl_mgmt_protocount_dec(void); | ||
174 | u32 netlbl_mgmt_protocount_value(void); | ||
175 | 174 | ||
176 | #endif | 175 | #endif |
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 348292450deb..fd53c7ae2977 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c | |||
@@ -29,7 +29,6 @@ | |||
29 | */ | 29 | */ |
30 | 30 | ||
31 | #include <linux/types.h> | 31 | #include <linux/types.h> |
32 | #include <linux/rcupdate.h> | ||
33 | #include <linux/list.h> | 32 | #include <linux/list.h> |
34 | #include <linux/spinlock.h> | 33 | #include <linux/spinlock.h> |
35 | #include <linux/socket.h> | 34 | #include <linux/socket.h> |
@@ -48,7 +47,6 @@ | |||
48 | #include "netlabel_unlabeled.h" | 47 | #include "netlabel_unlabeled.h" |
49 | 48 | ||
50 | /* Accept unlabeled packets flag */ | 49 | /* Accept unlabeled packets flag */ |
51 | static DEFINE_SPINLOCK(netlabel_unlabel_acceptflg_lock); | ||
52 | static u8 netlabel_unlabel_acceptflg = 0; | 50 | static u8 netlabel_unlabel_acceptflg = 0; |
53 | 51 | ||
54 | /* NetLabel Generic NETLINK CIPSOv4 family */ | 52 | /* NetLabel Generic NETLINK CIPSOv4 family */ |
@@ -84,11 +82,8 @@ static void netlbl_unlabel_acceptflg_set(u8 value, | |||
84 | struct audit_buffer *audit_buf; | 82 | struct audit_buffer *audit_buf; |
85 | u8 old_val; | 83 | u8 old_val; |
86 | 84 | ||
87 | spin_lock(&netlabel_unlabel_acceptflg_lock); | ||
88 | old_val = netlabel_unlabel_acceptflg; | 85 | old_val = netlabel_unlabel_acceptflg; |
89 | netlabel_unlabel_acceptflg = value; | 86 | netlabel_unlabel_acceptflg = value; |
90 | spin_unlock(&netlabel_unlabel_acceptflg_lock); | ||
91 | |||
92 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_ALLOW, | 87 | audit_buf = netlbl_audit_start_common(AUDIT_MAC_UNLBL_ALLOW, |
93 | audit_info); | 88 | audit_info); |
94 | if (audit_buf != NULL) { | 89 | if (audit_buf != NULL) { |
@@ -155,11 +150,9 @@ static int netlbl_unlabel_list(struct sk_buff *skb, struct genl_info *info) | |||
155 | goto list_failure; | 150 | goto list_failure; |
156 | } | 151 | } |
157 | 152 | ||
158 | rcu_read_lock(); | ||
159 | ret_val = nla_put_u8(ans_skb, | 153 | ret_val = nla_put_u8(ans_skb, |
160 | NLBL_UNLABEL_A_ACPTFLG, | 154 | NLBL_UNLABEL_A_ACPTFLG, |
161 | netlabel_unlabel_acceptflg); | 155 | netlabel_unlabel_acceptflg); |
162 | rcu_read_unlock(); | ||
163 | if (ret_val != 0) | 156 | if (ret_val != 0) |
164 | goto list_failure; | 157 | goto list_failure; |
165 | 158 | ||
@@ -245,17 +238,10 @@ int netlbl_unlabel_genl_init(void) | |||
245 | */ | 238 | */ |
246 | int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr) | 239 | int netlbl_unlabel_getattr(struct netlbl_lsm_secattr *secattr) |
247 | { | 240 | { |
248 | int ret_val; | 241 | if (netlabel_unlabel_acceptflg == 0) |
249 | 242 | return -ENOMSG; | |
250 | rcu_read_lock(); | 243 | netlbl_secattr_init(secattr); |
251 | if (netlabel_unlabel_acceptflg == 1) { | 244 | return 0; |
252 | netlbl_secattr_init(secattr); | ||
253 | ret_val = 0; | ||
254 | } else | ||
255 | ret_val = -ENOMSG; | ||
256 | rcu_read_unlock(); | ||
257 | |||
258 | return ret_val; | ||
259 | } | 245 | } |
260 | 246 | ||
261 | /** | 247 | /** |