lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 3 Jun 2009 07:51:13 +1000 (EST)
From:	James Morris <jmorris@...ei.org>
To:	Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
cc:	lizf@...fujitsu.com, linux-security-module@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/5] TOMOYO: Clarify lock protected section.

On Tue, 2 Jun 2009, Tetsuo Handa wrote:

> James Morris wrote:
> > The lock functions act as annotations, you don't need to add any more.  
> 
> I see. I'll remake patchset.
> 
> Thanks.

Please send new or updates patches as new self-contained emails.

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next



> --------------------
> Subject: TOMOYO: Remove redundant markers.
> 
> Remove '/***** START/STOP *****/' markers.
> 
> Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
> ---
>  security/tomoyo/common.c   |    8 --------
>  security/tomoyo/domain.c   |   14 --------------
>  security/tomoyo/file.c     |   10 ----------
>  security/tomoyo/realpath.c |    4 ----
>  4 files changed, 36 deletions(-)
> 
> --- security-testing-2.6.git.orig/security/tomoyo/common.c
> +++ security-testing-2.6.git/security/tomoyo/common.c
> @@ -866,7 +866,6 @@ static struct tomoyo_profile *tomoyo_fin
>  
>  	if (profile >= TOMOYO_MAX_PROFILES)
>  		return NULL;
> -	/***** EXCLUSIVE SECTION START *****/
>  	mutex_lock(&lock);
>  	ptr = tomoyo_profile_ptr[profile];
>  	if (ptr)
> @@ -880,7 +879,6 @@ static struct tomoyo_profile *tomoyo_fin
>  	tomoyo_profile_ptr[profile] = ptr;
>   ok:
>  	mutex_unlock(&lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return ptr;
>  }
>  
> @@ -1050,7 +1048,6 @@ static int tomoyo_update_manager_entry(c
>  	saved_manager = tomoyo_save_name(manager);
>  	if (!saved_manager)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_policy_manager_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_policy_manager_list, list) {
>  		if (ptr->manager != saved_manager)
> @@ -1072,7 +1069,6 @@ static int tomoyo_update_manager_entry(c
>  	error = 0;
>   out:
>  	up_write(&tomoyo_policy_manager_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -1197,13 +1193,11 @@ static bool tomoyo_is_select_one(struct 
>  
>  	if (sscanf(data, "pid=%u", &pid) == 1) {
>  		struct task_struct *p;
> -		/***** CRITICAL SECTION START *****/
>  		read_lock(&tasklist_lock);
>  		p = find_task_by_vpid(pid);
>  		if (p)
>  			domain = tomoyo_real_domain(p);
>  		read_unlock(&tasklist_lock);
> -		/***** CRITICAL SECTION END *****/
>  	} else if (!strncmp(data, "domain=", 7)) {
>  		if (tomoyo_is_domain_def(data + 7)) {
>  			down_read(&tomoyo_domain_list_lock);
> @@ -1594,13 +1588,11 @@ static int tomoyo_read_pid(struct tomoyo
>  		const int pid = head->read_step;
>  		struct task_struct *p;
>  		struct tomoyo_domain_info *domain = NULL;
> -		/***** CRITICAL SECTION START *****/
>  		read_lock(&tasklist_lock);
>  		p = find_task_by_vpid(pid);
>  		if (p)
>  			domain = tomoyo_real_domain(p);
>  		read_unlock(&tasklist_lock);
> -		/***** CRITICAL SECTION END *****/
>  		if (domain)
>  			tomoyo_io_printf(head, "%d %u %s", pid, domain->profile,
>  					 domain->domainname->name);
> --- security-testing-2.6.git.orig/security/tomoyo/domain.c
> +++ security-testing-2.6.git/security/tomoyo/domain.c
> @@ -67,14 +67,12 @@ void tomoyo_set_domain_flag(struct tomoy
>  {
>  	/* We need to serialize because this is bitfield operation. */
>  	static DEFINE_SPINLOCK(lock);
> -	/***** CRITICAL SECTION START *****/
>  	spin_lock(&lock);
>  	if (!is_delete)
>  		domain->flags |= flags;
>  	else
>  		domain->flags &= ~flags;
>  	spin_unlock(&lock);
> -	/***** CRITICAL SECTION END *****/
>  }
>  
>  /**
> @@ -135,7 +133,6 @@ static int tomoyo_update_domain_initiali
>  	saved_program = tomoyo_save_name(program);
>  	if (!saved_program)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_initializer_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_domain_initializer_list, list) {
>  		if (ptr->is_not != is_not ||
> @@ -161,7 +158,6 @@ static int tomoyo_update_domain_initiali
>  	error = 0;
>   out:
>  	up_write(&tomoyo_domain_initializer_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -315,7 +311,6 @@ static int tomoyo_update_domain_keeper_e
>  	saved_domainname = tomoyo_save_name(domainname);
>  	if (!saved_domainname)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_keeper_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_domain_keeper_list, list) {
>  		if (ptr->is_not != is_not ||
> @@ -341,7 +336,6 @@ static int tomoyo_update_domain_keeper_e
>  	error = 0;
>   out:
>  	up_write(&tomoyo_domain_keeper_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -476,7 +470,6 @@ static int tomoyo_update_alias_entry(con
>  	saved_aliased_name = tomoyo_save_name(aliased_name);
>  	if (!saved_original_name || !saved_aliased_name)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_alias_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_alias_list, list) {
>  		if (ptr->original_name != saved_original_name ||
> @@ -499,7 +492,6 @@ static int tomoyo_update_alias_entry(con
>  	error = 0;
>   out:
>  	up_write(&tomoyo_alias_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -567,7 +559,6 @@ int tomoyo_delete_domain(char *domainnam
>  
>  	name.name = domainname;
>  	tomoyo_fill_path_info(&name);
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_list_lock);
>  	/* Is there an active domain? */
>  	list_for_each_entry(domain, &tomoyo_domain_list, list) {
> @@ -581,7 +572,6 @@ int tomoyo_delete_domain(char *domainnam
>  		break;
>  	}
>  	up_write(&tomoyo_domain_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return 0;
>  }
>  
> @@ -600,7 +590,6 @@ struct tomoyo_domain_info *tomoyo_find_o
>  	struct tomoyo_domain_info *domain = NULL;
>  	const struct tomoyo_path_info *saved_domainname;
>  
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_list_lock);
>  	domain = tomoyo_find_domain(domainname);
>  	if (domain)
> @@ -619,7 +608,6 @@ struct tomoyo_domain_info *tomoyo_find_o
>  		    domain->domainname != saved_domainname)
>  			continue;
>  		flag = false;
> -		/***** CRITICAL SECTION START *****/
>  		read_lock(&tasklist_lock);
>  		for_each_process(p) {
>  			if (tomoyo_real_domain(p) != domain)
> @@ -628,7 +616,6 @@ struct tomoyo_domain_info *tomoyo_find_o
>  			break;
>  		}
>  		read_unlock(&tasklist_lock);
> -		/***** CRITICAL SECTION END *****/
>  		if (flag)
>  			continue;
>  		list_for_each_entry(ptr, &domain->acl_info_list, list) {
> @@ -651,7 +638,6 @@ struct tomoyo_domain_info *tomoyo_find_o
>  	}
>   out:
>  	up_write(&tomoyo_domain_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return domain;
>  }
>  
> --- security-testing-2.6.git.orig/security/tomoyo/file.c
> +++ security-testing-2.6.git/security/tomoyo/file.c
> @@ -166,7 +166,6 @@ static int tomoyo_update_globally_readab
>  	saved_filename = tomoyo_save_name(filename);
>  	if (!saved_filename)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_globally_readable_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_globally_readable_list, list) {
>  		if (ptr->filename != saved_filename)
> @@ -187,7 +186,6 @@ static int tomoyo_update_globally_readab
>  	error = 0;
>   out:
>  	up_write(&tomoyo_globally_readable_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -284,7 +282,6 @@ static int tomoyo_update_file_pattern_en
>  	saved_pattern = tomoyo_save_name(pattern);
>  	if (!saved_pattern)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_pattern_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_pattern_list, list) {
>  		if (saved_pattern != ptr->pattern)
> @@ -305,7 +302,6 @@ static int tomoyo_update_file_pattern_en
>  	error = 0;
>   out:
>  	up_write(&tomoyo_pattern_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -407,7 +403,6 @@ static int tomoyo_update_no_rewrite_entr
>  	saved_pattern = tomoyo_save_name(pattern);
>  	if (!saved_pattern)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_no_rewrite_list_lock);
>  	list_for_each_entry(ptr, &tomoyo_no_rewrite_list, list) {
>  		if (ptr->pattern != saved_pattern)
> @@ -428,7 +423,6 @@ static int tomoyo_update_no_rewrite_entr
>  	error = 0;
>   out:
>  	up_write(&tomoyo_no_rewrite_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -745,7 +739,6 @@ static int tomoyo_update_single_path_acl
>  	saved_filename = tomoyo_save_name(filename);
>  	if (!saved_filename)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_acl_info_list_lock);
>  	if (is_delete)
>  		goto delete;
> @@ -800,7 +793,6 @@ static int tomoyo_update_single_path_acl
>  	}
>   out:
>  	up_write(&tomoyo_domain_acl_info_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> @@ -836,7 +828,6 @@ static int tomoyo_update_double_path_acl
>  	saved_filename2 = tomoyo_save_name(filename2);
>  	if (!saved_filename1 || !saved_filename2)
>  		return -ENOMEM;
> -	/***** EXCLUSIVE SECTION START *****/
>  	down_write(&tomoyo_domain_acl_info_list_lock);
>  	if (is_delete)
>  		goto delete;
> @@ -884,7 +875,6 @@ static int tomoyo_update_double_path_acl
>  	}
>   out:
>  	up_write(&tomoyo_domain_acl_info_list_lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return error;
>  }
>  
> --- security-testing-2.6.git.orig/security/tomoyo/realpath.c
> +++ security-testing-2.6.git/security/tomoyo/realpath.c
> @@ -220,7 +220,6 @@ void *tomoyo_alloc_element(const unsigne
>  		= roundup(size, max(sizeof(void *), sizeof(long)));
>  	if (word_aligned_size > PATH_MAX)
>  		return NULL;
> -	/***** EXCLUSIVE SECTION START *****/
>  	mutex_lock(&lock);
>  	if (buf_used_len + word_aligned_size > PATH_MAX) {
>  		if (!tomoyo_quota_for_elements ||
> @@ -251,7 +250,6 @@ void *tomoyo_alloc_element(const unsigne
>  		}
>  	}
>  	mutex_unlock(&lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return ptr;
>  }
>  
> @@ -318,7 +316,6 @@ const struct tomoyo_path_info *tomoyo_sa
>  		return NULL;
>  	}
>  	hash = full_name_hash((const unsigned char *) name, len - 1);
> -	/***** EXCLUSIVE SECTION START *****/
>  	mutex_lock(&lock);
>  	list_for_each_entry(ptr, &tomoyo_name_list[hash % TOMOYO_MAX_HASH],
>  			     list) {
> @@ -366,7 +363,6 @@ const struct tomoyo_path_info *tomoyo_sa
>  	}
>   out:
>  	mutex_unlock(&lock);
> -	/***** EXCLUSIVE SECTION END *****/
>  	return ptr ? &ptr->entry : NULL;
>  }
>  
> 

-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ