diff options
| author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2010-01-03 07:16:32 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2010-01-10 15:57:44 -0500 |
| commit | f737d95ddfea4df68a36ffc9231db4bf34b06d13 (patch) | |
| tree | 28a1bf737c96ba8048abcf87a7acfc8412e92a2e /security | |
| parent | fdb8ebb729bbb640e64028a4f579a02ebc405727 (diff) | |
TOMOYO: Replace rw_semaphore by mutex.
Since readers no longer use down_read(), writers no longer
need to use rw_semaphore. Replace individual rw_semaphore by
single mutex.
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/tomoyo/common.c | 12 | ||||
| -rw-r--r-- | security/tomoyo/common.h | 5 | ||||
| -rw-r--r-- | security/tomoyo/domain.c | 20 | ||||
| -rw-r--r-- | security/tomoyo/file.c | 26 |
4 files changed, 27 insertions, 36 deletions
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index f01b9364db2d..642e0e565dfc 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c | |||
| @@ -16,6 +16,9 @@ | |||
| 16 | #include "common.h" | 16 | #include "common.h" |
| 17 | #include "tomoyo.h" | 17 | #include "tomoyo.h" |
| 18 | 18 | ||
| 19 | /* Lock for protecting policy. */ | ||
| 20 | DEFINE_MUTEX(tomoyo_policy_lock); | ||
| 21 | |||
| 19 | /* Has loading policy done? */ | 22 | /* Has loading policy done? */ |
| 20 | bool tomoyo_policy_loaded; | 23 | bool tomoyo_policy_loaded; |
| 21 | 24 | ||
| @@ -1086,7 +1089,6 @@ struct tomoyo_policy_manager_entry { | |||
| 1086 | * # cat /sys/kernel/security/tomoyo/manager | 1089 | * # cat /sys/kernel/security/tomoyo/manager |
| 1087 | */ | 1090 | */ |
| 1088 | static LIST_HEAD(tomoyo_policy_manager_list); | 1091 | static LIST_HEAD(tomoyo_policy_manager_list); |
| 1089 | static DECLARE_RWSEM(tomoyo_policy_manager_list_lock); | ||
| 1090 | 1092 | ||
| 1091 | /** | 1093 | /** |
| 1092 | * tomoyo_update_manager_entry - Add a manager entry. | 1094 | * tomoyo_update_manager_entry - Add a manager entry. |
| @@ -1118,7 +1120,7 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
| 1118 | saved_manager = tomoyo_save_name(manager); | 1120 | saved_manager = tomoyo_save_name(manager); |
| 1119 | if (!saved_manager) | 1121 | if (!saved_manager) |
| 1120 | return -ENOMEM; | 1122 | return -ENOMEM; |
| 1121 | down_write(&tomoyo_policy_manager_list_lock); | 1123 | mutex_lock(&tomoyo_policy_lock); |
| 1122 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { | 1124 | list_for_each_entry_rcu(ptr, &tomoyo_policy_manager_list, list) { |
| 1123 | if (ptr->manager != saved_manager) | 1125 | if (ptr->manager != saved_manager) |
| 1124 | continue; | 1126 | continue; |
| @@ -1138,7 +1140,7 @@ static int tomoyo_update_manager_entry(const char *manager, | |||
| 1138 | list_add_tail_rcu(&new_entry->list, &tomoyo_policy_manager_list); | 1140 | list_add_tail_rcu(&new_entry->list, &tomoyo_policy_manager_list); |
| 1139 | error = 0; | 1141 | error = 0; |
| 1140 | out: | 1142 | out: |
| 1141 | up_write(&tomoyo_policy_manager_list_lock); | 1143 | mutex_unlock(&tomoyo_policy_lock); |
| 1142 | return error; | 1144 | return error; |
| 1143 | } | 1145 | } |
| 1144 | 1146 | ||
| @@ -1315,7 +1317,7 @@ static int tomoyo_delete_domain(char *domainname) | |||
| 1315 | 1317 | ||
| 1316 | name.name = domainname; | 1318 | name.name = domainname; |
| 1317 | tomoyo_fill_path_info(&name); | 1319 | tomoyo_fill_path_info(&name); |
| 1318 | down_write(&tomoyo_domain_list_lock); | 1320 | mutex_lock(&tomoyo_policy_lock); |
| 1319 | /* Is there an active domain? */ | 1321 | /* Is there an active domain? */ |
| 1320 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { | 1322 | list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { |
| 1321 | /* Never delete tomoyo_kernel_domain */ | 1323 | /* Never delete tomoyo_kernel_domain */ |
| @@ -1327,7 +1329,7 @@ static int tomoyo_delete_domain(char *domainname) | |||
| 1327 | domain->is_deleted = true; | 1329 | domain->is_deleted = true; |
| 1328 | break; | 1330 | break; |
| 1329 | } | 1331 | } |
| 1330 | up_write(&tomoyo_domain_list_lock); | 1332 | mutex_unlock(&tomoyo_policy_lock); |
| 1331 | return 0; | 1333 | return 0; |
| 1332 | } | 1334 | } |
| 1333 | 1335 | ||
diff --git a/security/tomoyo/common.h b/security/tomoyo/common.h index c6f13925472a..874abf8df43e 100644 --- a/security/tomoyo/common.h +++ b/security/tomoyo/common.h | |||
| @@ -431,10 +431,9 @@ static inline bool tomoyo_is_invalid(const unsigned char c) | |||
| 431 | 431 | ||
| 432 | /* The list for "struct tomoyo_domain_info". */ | 432 | /* The list for "struct tomoyo_domain_info". */ |
| 433 | extern struct list_head tomoyo_domain_list; | 433 | extern struct list_head tomoyo_domain_list; |
| 434 | extern struct rw_semaphore tomoyo_domain_list_lock; | ||
| 435 | 434 | ||
| 436 | /* Lock for domain->acl_info_list. */ | 435 | /* Lock for protecting policy. */ |
| 437 | extern struct rw_semaphore tomoyo_domain_acl_info_list_lock; | 436 | extern struct mutex tomoyo_policy_lock; |
| 438 | 437 | ||
| 439 | /* Has /sbin/init started? */ | 438 | /* Has /sbin/init started? */ |
| 440 | extern bool tomoyo_policy_loaded; | 439 | extern bool tomoyo_policy_loaded; |
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c index 2fd190168b7e..7d0b0bc48201 100644 --- a/security/tomoyo/domain.c +++ b/security/tomoyo/domain.c | |||
| @@ -58,7 +58,6 @@ struct tomoyo_domain_info tomoyo_kernel_domain; | |||
| 58 | * exceptions. | 58 | * exceptions. |
| 59 | */ | 59 | */ |
| 60 | LIST_HEAD(tomoyo_domain_list); | 60 | LIST_HEAD(tomoyo_domain_list); |
| 61 | DECLARE_RWSEM(tomoyo_domain_list_lock); | ||
| 62 | 61 | ||
| 63 | /* | 62 | /* |
| 64 | * tomoyo_domain_initializer_entry is a structure which is used for holding | 63 | * tomoyo_domain_initializer_entry is a structure which is used for holding |
| @@ -206,7 +205,6 @@ const char *tomoyo_get_last_name(const struct tomoyo_domain_info *domain) | |||
| 206 | * unless executed from "<kernel> /etc/rc.d/init.d/httpd" domain. | 205 | * unless executed from "<kernel> /etc/rc.d/init.d/httpd" domain. |
| 207 | */ | 206 | */ |
| 208 | static LIST_HEAD(tomoyo_domain_initializer_list); | 207 | static LIST_HEAD(tomoyo_domain_initializer_list); |
| 209 | static DECLARE_RWSEM(tomoyo_domain_initializer_list_lock); | ||
| 210 | 208 | ||
| 211 | /** | 209 | /** |
| 212 | * tomoyo_update_domain_initializer_entry - Update "struct tomoyo_domain_initializer_entry" list. | 210 | * tomoyo_update_domain_initializer_entry - Update "struct tomoyo_domain_initializer_entry" list. |
| @@ -247,7 +245,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 247 | saved_program = tomoyo_save_name(program); | 245 | saved_program = tomoyo_save_name(program); |
| 248 | if (!saved_program) | 246 | if (!saved_program) |
| 249 | return -ENOMEM; | 247 | return -ENOMEM; |
| 250 | down_write(&tomoyo_domain_initializer_list_lock); | 248 | mutex_lock(&tomoyo_policy_lock); |
| 251 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { | 249 | list_for_each_entry_rcu(ptr, &tomoyo_domain_initializer_list, list) { |
| 252 | if (ptr->is_not != is_not || | 250 | if (ptr->is_not != is_not || |
| 253 | ptr->domainname != saved_domainname || | 251 | ptr->domainname != saved_domainname || |
| @@ -271,7 +269,7 @@ static int tomoyo_update_domain_initializer_entry(const char *domainname, | |||
| 271 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list); | 269 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_initializer_list); |
| 272 | error = 0; | 270 | error = 0; |
| 273 | out: | 271 | out: |
| 274 | up_write(&tomoyo_domain_initializer_list_lock); | 272 | mutex_unlock(&tomoyo_policy_lock); |
| 275 | return error; | 273 | return error; |
| 276 | } | 274 | } |
| 277 | 275 | ||
| @@ -423,7 +421,6 @@ static bool tomoyo_is_domain_initializer(const struct tomoyo_path_info * | |||
| 423 | * explicitly specified by "initialize_domain". | 421 | * explicitly specified by "initialize_domain". |
| 424 | */ | 422 | */ |
| 425 | static LIST_HEAD(tomoyo_domain_keeper_list); | 423 | static LIST_HEAD(tomoyo_domain_keeper_list); |
| 426 | static DECLARE_RWSEM(tomoyo_domain_keeper_list_lock); | ||
| 427 | 424 | ||
| 428 | /** | 425 | /** |
| 429 | * tomoyo_update_domain_keeper_entry - Update "struct tomoyo_domain_keeper_entry" list. | 426 | * tomoyo_update_domain_keeper_entry - Update "struct tomoyo_domain_keeper_entry" list. |
| @@ -464,7 +461,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 464 | saved_domainname = tomoyo_save_name(domainname); | 461 | saved_domainname = tomoyo_save_name(domainname); |
| 465 | if (!saved_domainname) | 462 | if (!saved_domainname) |
| 466 | return -ENOMEM; | 463 | return -ENOMEM; |
| 467 | down_write(&tomoyo_domain_keeper_list_lock); | 464 | mutex_lock(&tomoyo_policy_lock); |
| 468 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { | 465 | list_for_each_entry_rcu(ptr, &tomoyo_domain_keeper_list, list) { |
| 469 | if (ptr->is_not != is_not || | 466 | if (ptr->is_not != is_not || |
| 470 | ptr->domainname != saved_domainname || | 467 | ptr->domainname != saved_domainname || |
| @@ -488,7 +485,7 @@ static int tomoyo_update_domain_keeper_entry(const char *domainname, | |||
| 488 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list); | 485 | list_add_tail_rcu(&new_entry->list, &tomoyo_domain_keeper_list); |
| 489 | error = 0; | 486 | error = 0; |
| 490 | out: | 487 | out: |
| 491 | up_write(&tomoyo_domain_keeper_list_lock); | 488 | mutex_unlock(&tomoyo_policy_lock); |
| 492 | return error; | 489 | return error; |
| 493 | } | 490 | } |
| 494 | 491 | ||
| @@ -624,7 +621,6 @@ static bool tomoyo_is_domain_keeper(const struct tomoyo_path_info *domainname, | |||
| 624 | * execve() succeeds is calculated using /bin/cat rather than /bin/busybox . | 621 | * execve() succeeds is calculated using /bin/cat rather than /bin/busybox . |
| 625 | */ | 622 | */ |
| 626 | static LIST_HEAD(tomoyo_alias_list); | 623 | static LIST_HEAD(tomoyo_alias_list); |
| 627 | static DECLARE_RWSEM(tomoyo_alias_list_lock); | ||
| 628 | 624 | ||
| 629 | /** | 625 | /** |
| 630 | * tomoyo_update_alias_entry - Update "struct tomoyo_alias_entry" list. | 626 | * tomoyo_update_alias_entry - Update "struct tomoyo_alias_entry" list. |
| @@ -654,7 +650,7 @@ static int tomoyo_update_alias_entry(const char *original_name, | |||
| 654 | saved_aliased_name = tomoyo_save_name(aliased_name); | 650 | saved_aliased_name = tomoyo_save_name(aliased_name); |
| 655 | if (!saved_original_name || !saved_aliased_name) | 651 | if (!saved_original_name || !saved_aliased_name) |
| 656 | return -ENOMEM; | ||
