Date: Mon, 22 Jan 2007 16:13:01 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 113355 for review Message-ID: <200701221613.l0MGD1Ue029118@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=113355 Change 113355 by millert@millert_macbook on 2007/01/22 16:12:25 Back out thread labels (which were really just references to the parent task's label handle). It was a proof of concept that doesn't work well with the current label handle model. A real solution requires reference-counted labels that may be modified in-place. I have a design to do that but it is not likely to happen any time soon. Affected files ... .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/ipc/ipc_labelh.c#11 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/ipc/ipc_labelh.h#6 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/task.c#10 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.c#4 edit .. //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.h#4 edit Differences ... ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/ipc/ipc_labelh.c#11 (text+ko) ==== @@ -149,7 +149,7 @@ * Returned label handle is locked. */ ipc_labelh_t -labelh_modify(ipc_labelh_t old, int keepold) +labelh_modify(ipc_labelh_t old) { ipc_labelh_t lh; ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/ipc/ipc_labelh.h#6 (text+ko) ==== @@ -45,7 +45,7 @@ void labelh_destroy(ipc_port_t port); ipc_labelh_t labelh_duplicate(ipc_labelh_t old); -ipc_labelh_t labelh_modify(ipc_labelh_t old, int keepold); +ipc_labelh_t labelh_modify(ipc_labelh_t old); ipc_labelh_t labelh_new(int canblock); kern_return_t labelh_new_user(ipc_space_t, struct label *, mach_port_name_t *); void labelh_release(ipc_labelh_t lh); ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/task.c#10 (text+ko) ==== @@ -1696,35 +1696,10 @@ struct label *pl, struct task *task) { - thread_t thread; - ipc_labelh_t oldlabel; tasklabel_lock(task); - oldlabel = task->label; - - /* - * For each thread in the task, release a reference to the label - * handle in the thread if it matches the parent's. - * XXX - do we need to hold the task while this is going on? - */ - queue_iterate(&task->threads, thread, thread_t, task_threads) { - if (thread->label == oldlabel) - lh_release(oldlabel); - } - task->label = labelh_modify(task->label, 1); + task->label = labelh_modify(task->label); mac_task_label_update(pl, &task->maclabel); - /* - * Replace the old label in the task's threads with the new one. - */ - queue_iterate(&task->threads, thread, thread_t, task_threads) { - if (thread->label == oldlabel) { - thread->label = task->label; - lh_reference(task->label); - } - } - /* Free old label if it is no longer in use. */ - if (task->label != oldlabel) - lh_check_unlock(oldlabel); tasklabel_unlock(task); ip_lock(task->itk_self); mac_port_label_update_cred(pl, &task->itk_self->ip_label); @@ -1737,35 +1712,10 @@ void *arg, void (*f) (struct label *l, void *arg)) { - thread_t thread; - ipc_labelh_t oldlabel; tasklabel_lock(task); - oldlabel = task->label; - - /* - * For each thread in the task, release a reference to the label - * handle in the thread if it matches the parent's. - * XXX - do we need to hold the task while this is going on? - */ - queue_iterate(&task->threads, thread, thread_t, task_threads) { - if (thread->label == oldlabel) - lh_release(oldlabel); - } - task->label = labelh_modify(task->label, 1); + task->label = labelh_modify(task->label); (*f)(&task->maclabel, arg); - /* - * Replace the old label in the task's threads with the new one. - */ - queue_iterate(&task->threads, thread, thread_t, task_threads) { - if (thread->label == oldlabel) { - thread->label = task->label; - lh_reference(task->label); - } - } - /* Free old label if it is no longer in use. */ - if (task->label != oldlabel) - lh_check_unlock(oldlabel); tasklabel_unlock(task); } ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.c#4 (text+ko) ==== @@ -391,10 +391,6 @@ machine_thread_destroy(thread); -#ifdef MAC - labelh_release(task->label); -#endif - zfree(thread_zone, thread); } @@ -669,11 +665,6 @@ new_thread->pri_shift = new_thread->processor_set->pri_shift; compute_priority(new_thread, FALSE); -#ifdef MAC - labelh_reference(parent_task->label); - new_thread->label = parent_task->label; -#endif - new_thread->active = TRUE; *out_thread = new_thread; ==== //depot/projects/trustedbsd/sedarwin8/darwin/xnu/osfmk/kern/thread.h#4 (text+ko) ==== @@ -122,9 +122,7 @@ #include <kern/timer_call.h> #include <kern/task.h> #include <kern/exception.h> -#include <security/_label.h> -#include <ipc/ipc_labelh.h> #include <ipc/ipc_kmsg.h> #include <machine/cpu_data.h> @@ -357,10 +355,6 @@ #ifdef MACH_BSD void *uthread; #endif - -#ifdef MAC - ipc_labelh_t label; -#endif }; #define ith_state saved.receive.state
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701221613.l0MGD1Ue029118>