Date: Thu, 25 Mar 2004 10:26:41 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 49674 for review Message-ID: <200403251826.i2PIQfwj096046@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=49674 Change 49674 by rwatson@rwatson_tislabs on 2004/03/25 10:26:21 Update for BPF fine-grained locking: BPF descriptor lock and not Giant now protects the label. Affected files ... .. //depot/projects/trustedbsd/mac/sys/net/bpf.c#31 edit .. //depot/projects/trustedbsd/mac/sys/net/bpfdesc.h#11 edit .. //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#23 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/net/bpf.c#31 (text+ko) ==== @@ -578,10 +578,12 @@ if (d->bd_hdrcmplt) dst.sa_family = pseudo_AF_HDRCMPLT; - mtx_lock(&Giant); #ifdef MAC + BPFD_LOCK(d); mac_create_mbuf_from_bpfdesc(d, m); + BPFD_UNLOCK(d); #endif + mtx_lock(&Giant); error = (*ifp->if_output)(ifp, m, &dst, (struct rtentry *)0); mtx_unlock(&Giant); /* ==== //depot/projects/trustedbsd/mac/sys/net/bpfdesc.h#11 (text+ko) ==== @@ -102,6 +102,7 @@ #define BPFD_LOCK(bd) mtx_lock(&(bd)->bd_mtx) #define BPFD_UNLOCK(bd) mtx_unlock(&(bd)->bd_mtx) +#define BPFD_LOCK_ASSERT(bd) mtx_assert(&(bd)->bd_mtx, MA_OWNED) /* Test whether a BPF is ready for read(). */ #define bpf_ready(bd) \ ==== //depot/projects/trustedbsd/mac/sys/security/mac/mac_net.c#23 (text+ko) ==== @@ -292,6 +292,8 @@ { struct label *label; + BPFD_LOCK_ASSERT(bpf_d); + label = mac_mbuf_to_label(mbuf); MAC_PERFORM(create_mbuf_from_bpfdesc, bpf_d, bpf_d->bd_label, mbuf, @@ -350,6 +352,8 @@ { int error; + BPFD_LOCK_ASSERT(bpf_d); + if (!mac_enforce_network) return (0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200403251826.i2PIQfwj096046>