From owner-p4-projects@FreeBSD.ORG Mon Jul 4 14:52:32 2005 Return-Path: X-Original-To: p4-projects@freebsd.org Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 39D1916A420; Mon, 4 Jul 2005 14:52:32 +0000 (GMT) X-Original-To: perforce@freebsd.org Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA8B816A41C for ; Mon, 4 Jul 2005 14:52:31 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id D756643D45 for ; Mon, 4 Jul 2005 14:52:31 +0000 (GMT) (envelope-from csjp@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j64EqV5v087055 for ; Mon, 4 Jul 2005 14:52:31 GMT (envelope-from csjp@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j64EqVNt087052 for perforce@freebsd.org; Mon, 4 Jul 2005 14:52:31 GMT (envelope-from csjp@freebsd.org) Date: Mon, 4 Jul 2005 14:52:31 GMT Message-Id: <200507041452.j64EqVNt087052@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to csjp@freebsd.org using -f From: "Christian S.J. Peron" To: Perforce Change Reviews Cc: Subject: PERFORCE change 79559 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jul 2005 14:52:33 -0000 http://perforce.freebsd.org/chv.cgi?CH=79559 Change 79559 by csjp@csjp_xor on 2005/07/04 14:51:31 Make VFS operations performed by mac_chkexec MPsafe through the aquisition of giant. Giant is now aquired while: 1) Calculation and storage of current file checksum 2) Calculation and lookup of checksums associated with dependencies. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#12 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_chkexec/mac_chkexec.c#12 (text+ko) ==== @@ -531,15 +531,18 @@ if (++ap >= &paths[10]) break; for (i = 0; i < npaths; i++) { + mtx_lock(&Giant); NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_SYSSPACE, paths[i], curthread); if ((error = namei(&nd)) != 0) { free(depends, M_CHKEXEC); + mtx_unlock(&Giant); return (error); } error = mac_chkexec_check(nd.ni_vp, cred); NDFREE(&nd, NDF_ONLY_PNBUF); vput(nd.ni_vp); + mtx_unlock(&Giant); if (error) { free(depends, M_CHKEXEC); return (error); @@ -841,13 +844,17 @@ return (EPERM); } /* XXX MPSAFE VFS */ + mtx_lock(&Giant); NDINIT(&nd, LOOKUP, LOCKLEAF | FOLLOW, UIO_USERSPACE, arg, td); - if ((error = namei(&nd)) != 0) + if ((error = namei(&nd)) != 0) { + mtx_unlock(&Giant); return (error); + } error = ha->crypto_hash(nd.ni_vp, td->td_ucred, digest); if (error) { NDFREE(&nd, NDF_ONLY_PNBUF); vput(nd.ni_vp); + mtx_unlock(&Giant); return (error); } bzero(&vcsum, sizeof(vcsum)); @@ -856,6 +863,7 @@ error = mac_chkexec_set_vcsum(nd.ni_vp, &vcsum); NDFREE(&nd, NDF_ONLY_PNBUF); vput(nd.ni_vp); + mtx_unlock(&Giant); return (error); }