From owner-svn-src-head@freebsd.org Fri May 17 18:13:44 2019
Message-Id: <201905171813.x4HIDhTC096403@repo.freebsd.org>
From: "Stephen J. Kiernan"
Date: Fri, 17 May 2019 18:13:43 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r347938 - head/sys/security/mac_veriexec
X-SVN-Group: head
X-SVN-Commit-Author: stevek
X-SVN-Commit-Paths: head/sys/security/mac_veriexec
X-SVN-Commit-Revision: 347938
X-SVN-Commit-Repository: base

Author: stevek
Date: Fri May 17 18:13:43 2019
New Revision: 347938

URL: https://svnweb.freebsd.org/changeset/base/347938

Log:
  Obtain a shared lock instead of exclusive in the MAC/veriexec
  MAC_VERIEXEC_CHECK_PATH_SYSCALL per-MAC policy system call.

  When we are checking the status of the fingerprint on a vnode using the
  per-MAC-policy syscall, we do not need an exclusive lock on the vnode.
  Even if there is more than one thread requesting the status at the same
  time, the worst we can end up doing is processing the file more than
  once.

  This can potentially be improved in the future with offloading the
  fingerprint evaluation to a separate thread and blocking until the
  update completes. But for now the race is acceptable.

  Obtained from:	Juniper Networks, Inc.
MFC after: 1 week Modified: head/sys/security/mac_veriexec/mac_veriexec.c Modified: head/sys/security/mac_veriexec/mac_veriexec.c ============================================================================== --- head/sys/security/mac_veriexec/mac_veriexec.c Fri May 17 18:10:11 2019 (r347937) +++ head/sys/security/mac_veriexec/mac_veriexec.c Fri May 17 18:13:43 2019 (r347938) @@ -697,7 +697,8 @@ cleanup_file: break; case MAC_VERIEXEC_CHECK_PATH_SYSCALL: /* Look up the path to get the vnode */ - NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | AUDITVNODE1, + NDINIT(&nd, LOOKUP, + FOLLOW | LOCKLEAF | LOCKSHARED | AUDITVNODE1, UIO_USERSPACE, arg, td); error = namei(&nd); if (error != 0)
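Review bot: the justification for dropping to a shared lock exists only in the commit log; the NDINIT call in the MAC_VERIEXEC_CHECK_PATH_SYSCALL case should carry a short comment stating that this path only reads the fingerprint status and that concurrent callers may evaluate the same file more than once, so the next person touching it does not silently reintroduce an exclusive lock or assume the lock excludes other checkers. The hunk only swaps FOLLOW | LOCKLEAF | AUDITVNODE1 for FOLLOW | LOCKLEAF | LOCKSHARED | AUDITVNODE1, and the code after error = namei(&nd) that evaluates and records the status is outside the hunk, so before merging confirm that nothing on that path asserts or otherwise requires an exclusively locked vnode (hitting such an assertion with a shared lock would be a panic on the status syscall, not merely duplicated work), and that the "process the file more than once" bound in the log holds for the store of the status as well as for the computation. Note also that LOCKSHARED is a request, not a guarantee: on filesystems that do not permit shared lookups namei still returns the leaf exclusively locked, so both lock modes will be exercised in practice and the path must stay correct under either.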