From owner-p4-projects@FreeBSD.ORG Sun Jan 30 21:57:36 2005 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id D680016A4D0; Sun, 30 Jan 2005 21:57:35 +0000 (GMT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD04D16A4CE for ; Sun, 30 Jan 2005 21:57:35 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8018743D1F for ; Sun, 30 Jan 2005 21:57:35 +0000 (GMT) (envelope-from trhodes@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j0ULvZon087537 for ; Sun, 30 Jan 2005 21:57:35 GMT (envelope-from trhodes@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j0ULvZw4087534 for perforce@freebsd.org; Sun, 30 Jan 2005 21:57:35 GMT (envelope-from trhodes@freebsd.org) Date: Sun, 30 Jan 2005 21:57:35 GMT Message-Id: <200501302157.j0ULvZw4087534@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to trhodes@freebsd.org using -f From: Tom Rhodes To: Perforce Change Reviews Subject: PERFORCE change 70005 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Jan 2005 21:57:36 -0000 http://perforce.freebsd.org/chv.cgi?CH=70005 Change 70005 by trhodes@trhodes_local on 2005/01/30 21:57:08 Add locking Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#78 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#78 (text+ko) ==== 
@@ -1,9 +1,11 @@ /*- + * Copyright (c) 2005 Tom Rhodes * Copyright (c) 1999-2002 Robert N. M. Watson * Copyright (c) 2001-2004 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed by Robert Watson for the TrustedBSD Project. + * It was later enhanced by Tom Rhodes for the TrustedBSD Project. * * This software was developed for the FreeBSD Project in part by Network * Associates Laboratories, the Security Research Division of Network @@ -31,15 +33,13 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/security/mac_bsdextended/mac_bsdextended.c,v 1.24 2004/10/22 11:15:47 rwatson Exp $ + * $FreeBSD: /repoman/r/ncvs/src/sys/security/mac_bsdextended/mac_bsdextended.c,v 1.24 2004/10/22 11:15:47 rwatson Exp $ */ /* * Developed by the TrustedBSD Project. * "BSD Extended" MAC policy, allowing the administrator to impose * mandatory rules regarding users and some system objects. - * - * XXX: Much locking support required here. */ #include @@ -47,9 +47,11 @@ #include #include #include +#include #include #include #include +#include #include #include #include @@ -72,6 +74,8 @@ #include +static struct mtx mac_bsdextended_mtx; + SYSCTL_DECL(_security_mac); SYSCTL_NODE(_security_mac, OID_AUTO, bsdextended, CTLFLAG_RW, 0, 
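Review bot: The new file-scope `static struct mtx mac_bsdextended_mtx;` (hunk -72) has no comment saying which data it guards. From the later hunks it is taken around `rules[]`, `rule_slots` and `rule_count`, so a line such as `/* Protects rules[], rule_slots and rule_count. */` above the declaration would record that. Stating the invariant next to the lock makes it easier to spot accesses that happen outside it.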
@@ -145,16 +149,26 @@ return (EINVAL); index = name[0]; - if (index < 0 || index > rule_slots + 1) + if (index > MAC_BSDEXTENDED_MAXRULES) return (ENOENT); - if (rule_slots >= MAC_BSDEXTENDED_MAXRULES) - return (ENOENT); if (req->oldptr) { - if (rules[index] == NULL) + mtx_lock(&mac_bsdextended_mtx); + if (index < 0 || index > rule_slots + 1) { + mtx_unlock(&mac_bsdextended_mtx); + return (ENOENT); + } + + if (rules[index] == NULL) { + mtx_unlock(&mac_bsdextended_mtx); return (ENOENT); + } - error = SYSCTL_OUT(req, rules[index], sizeof(*rules[index])); + temprule = *rules[index]; + mtx_unlock(&mac_bsdextended_mtx); + + error = SYSCTL_OUT(req, &temprule, sizeof(temprule)); + if (error) return (error); } @@ -162,11 +176,15 @@ if (req->newptr) { if (req->newlen == 0) { /* printf("deletion\n"); */ + mtx_lock(&mac_bsdextended_mtx); ruleptr = rules[index]; - if (ruleptr == NULL) + if (ruleptr == NULL) { + mtx_unlock(&mac_bsdextended_mtx); return (ENOENT); + } rule_count--; rules[index] = NULL; + mtx_unlock(&mac_bsdextended_mtx); FREE(ruleptr, M_MACBSDEXTENDED); return(0); } @@ -178,20 +196,23 @@ if (error) return (error); + MALLOC(ruleptr, struct mac_bsdextended_rule *, + sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | M_ZERO); + mtx_lock(&mac_bsdextended_mtx); if (rules[index] == NULL) { /* printf("addition\n"); */ - MALLOC(ruleptr, struct mac_bsdextended_rule *, - sizeof(*ruleptr), M_MACBSDEXTENDED, M_WAITOK | - M_ZERO); *ruleptr = temprule; rules[index] = ruleptr; - if (index+1 > rule_slots) - rule_slots = index+1; + if (index + 1 > rule_slots) + rule_slots = index + 1; rule_count++; } else { + mtx_unlock(&mac_bsdextended_mtx); + FREE(ruleptr, M_MACBSDEXTENDED); /* printf("replacement\n"); */ *rules[index] = temprule; } + mtx_unlock(&mac_bsdextended_mtx); } return (0); @@ -205,6 +226,8 @@ { /* Initialize ruleset lock. */ + mtx_init(&mac_bsdextended_mtx, "mac_bsdextended lock", NULL, MTX_DEF); + /* Register dynamic sysctl's for rules. */ } 
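Review bot: The only range check that still covers the write paths is `if (index > MAC_BSDEXTENDED_MAXRULES)`. The `index < 0` test now sits inside the `req->oldptr` branch, so a set or delete request with a negative index reaches `rules[index]` in the `req->newptr` code (hunks -162 and -178) unchecked. The upper bound also admits `index == MAC_BSDEXTENDED_MAXRULES`, which is one past the end if `rules` is declared with that many slots; the declaration is outside this hunk, so confirm. I would keep the static check ahead of both branches as `if (index < 0 || index >= MAC_BSDEXTENDED_MAXRULES) return (ENOENT);` and leave only the `rule_slots` comparison under the mutex. The handler's signature and the declaration of `index` are outside the hunk.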
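Review bot: In hunk -178 the replacement branch calls `mtx_unlock(&mac_bsdextended_mtx)` before `*rules[index] = temprule;` and then falls through to the second `mtx_unlock()` after the `if`/`else`. The rule is therefore overwritten without the lock held, and the mutex is released twice on that path. Without the lock, a concurrent delete can clear and free `rules[index]` between the NULL test and the store, and the access-check loop can read a partly written rule. Do the store while the lock is held, unlock once, and free the unused preallocation afterwards. The enclosing `if (req->newptr)` block begins outside this hunk.

```c
mtx_lock(&mac_bsdextended_mtx);
if (rules[index] == NULL) {
	/* ... unchanged: install ruleptr, update rule_slots and rule_count ... */
	ruleptr = NULL;		/* ownership moved to rules[] */
} else {
	/* Replace in place while the lock is still held. */
	*rules[index] = temprule;
}
mtx_unlock(&mac_bsdextended_mtx);
/* Free the spare allocation only after dropping the lock. */
if (ruleptr != NULL)
	FREE(ruleptr, M_MACBSDEXTENDED);
```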
@@ -212,8 +235,10 @@ mac_bsdextended_destroy(struct mac_policy_conf *mpc) { + /* Destroy ruleset lock. */ + mtx_destroy(&mac_bsdextended_mtx); + /* Tear down sysctls. */ - /* Destroy ruleset lock. */ } static int @@ -225,6 +250,7 @@ /* * Is there a subject match? */ + mtx_assert(&mac_bsdextended_mtx, MA_OWNED); if (rule->mbr_subject.mbi_flags & MBI_UID_DEFINED) { match = (rule->mbr_subject.mbi_uid == cred->cr_uid || rule->mbr_subject.mbi_uid == cred->cr_ruid || @@ -301,6 +327,7 @@ if (suser_cred(cred, 0) == 0) return (0); + mtx_lock(&mac_bsdextended_mtx); for (i = 0; i < rule_slots; i++) { if (rules[i] == NULL) continue; @@ -318,10 +345,12 @@ object_gid, acc_mode); if (error == EJUSTRETURN) break; - if (error) + if (error) { + mtx_unlock(&mac_bsdextended_mtx); return (error); + } } - + mtx_unlock(&mac_bsdextended_mtx); return (0); }
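Review bot: In `mac_bsdextended_destroy()` (hunk -212) `mtx_destroy()` now comes before the "Tear down sysctls" step, the reverse of the order the old comments gave. The rule sysctl code in this change takes `mac_bsdextended_mtx`, so once that teardown placeholder is filled in, the lock should be destroyed last, after nothing can still reach the handler. I would keep `/* Tear down sysctls. */` first and make `mtx_destroy(&mac_bsdextended_mtx);` the final statement. Whether a request can still arrive at this point depends on unload ordering that is not visible here.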
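Review bot: In hunk -225 the new `mtx_assert(&mac_bsdextended_mtx, MA_OWNED);` sits between the comment "Is there a subject match?" and the `if` that comment describes. Since the assertion states a precondition of the whole function, it reads better as the first statement, above that comment, with its own line such as `/* Caller must hold the ruleset lock. */`. The function's signature and local declarations are outside the hunk, so the exact position needs checking against the full file.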