[apparmor] [PATCH 19/43] apparmor: convert profile lists to RCU based locking

John Johansen john.johansen at canonical.com
Sat Feb 23 05:40:29 UTC 2013


On 02/22/2013 05:08 PM, Seth Arnold wrote:
> On Fri, Feb 08, 2013 at 01:00:55PM -0800, John Johansen wrote:
> 
> The patch changed the 'Requires' comment here to mention rcu_read_lock
> must be held before calling __policy_find(). I've found code paths that
> appear to ignore this advice (again, using HEAD).
> 
Correct, perhaps the comment could be changed to rcu_read_lock or the
namespace mutex lock held.

If you hold the mutex lock (writer) you are the one making the changes
so you are safe.

>> /**
>>  * __policy_find - find a policy by @name on a policy list
>>  * @head: list to search  (NOT NULL)
>>  * @name: name to search for  (NOT NULL)
>>  *
>>  * Requires: rcu_read_lock be held
>>  *
>>  * Returns: unrefcounted policy that match @name or NULL if not found
>>  */
>> static struct aa_policy *__policy_find(struct list_head *head, const char *name)
>> {
>>         struct aa_policy *policy;
>>
>>         list_for_each_entry_rcu(policy, head, list) {
>>                 if (!strcmp(policy->name, name))
>>                         return policy;
>>         }
>>         return NULL;
>> }
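Review bot: The kernel-doc line "Requires: rcu_read_lock be held" on __policy_find() is narrower than the way the function is reached: the call chains quoted in this message enter it from profile_load(), profile_replace() and profile_remove() with a namespace lock taken (root->lock, ns->lock) instead of rcu_read_lock. Suggest wording it as "Requires: rcu_read_lock or the namespace lock be held" so the writer paths fall inside the documented contract. Since the Returns line says the policy is unrefcounted, it would also help to state that the pointer is only valid while that protection is held and that a caller wanting to keep it must take a reference first; "that match" in the same line should read "that matches".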
> 

> profile_load() / profile_replace()
> aa_replace_profiles()
> aa_prepare_namespace() (locks root->lock)
> __aa_find_namespace()
> __policy_find()
> 
> 
> profile_load() / profile_replace()
> aa_replace_profiles()
> __lookup_replace()
> __lookup_profile()
> __find_child()
> __policy_find()
> 
> 
> profile_remove()
> aa_remove_profiles()  (locks ns->lock)
> __lookup_profile()
> __find_child()
> __policy_find()
> 
All of these are writer paths holding the ns mutex lock for the searched list.





