Date: Thu, 7 Feb 2008 14:14:05 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 134985 for review Message-ID: <200802071414.m17EE5St075336@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=134985 Change 134985 by rwatson@rwatson_freebsd_capabilities on 2008/02/07 14:13:06 Use a pool mutex for each non-capability file rather than a global mutex. Maintain a count of capabilities associated with each non-capability file that can be used to avoid walking the list of capabilities on the file. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#7 edit .. //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#15 edit .. //depot/projects/trustedbsd/capabilities/src/sys/sys/file.h#6 edit Differences ...
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_descrip.c#7 (text+ko) ====
@@ -1393,6 +1393,7 @@
 fp->f_data = NULL;
 fp->f_vnode = NULL;
 LIST_INIT(&fp->f_caps);
+ fp->f_capcount = 0;
 FILEDESC_XLOCK(p->p_fd);
 if ((error = fdalloc(td, 0, &i))) {
 FILEDESC_XUNLOCK(p->p_fd);
@@ -2219,6 +2220,8 @@
 crfree(fp->f_cred);
 if (!LIST_EMPTY(&fp->f_caps))
 panic("_fdrop: f_caps not empty");
+ if (fp->f_capcount != 0)
+ panic("_fdrop: f_capcount != 0");
 uma_zfree(file_zone, fp);
 return (error);
==== //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#15 (text+ko) ====
@@ -41,7 +41,7 @@
 */
 #include <sys/cdefs.h>
-__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#14 $");
+__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#15 $");
 #include <sys/param.h>
 #include <sys/capability.h>
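Review bot: The two sanity checks in `_fdrop` (the existing `LIST_EMPTY(&fp->f_caps)` test and the new `f_capcount != 0` test in the `@@ -2219` hunk) read fields that the file.h hunk marks as lock-protected, and nothing at this site says why an unlocked read is acceptable. It is presumably safe because this is the final reference drop, and the removal path in sys_capability.c drops its reference on the object file only after unlinking the capability, but that reasoning is not recorded here. A short comment above the checks would capture it, e.g. `/* Last reference: no capability can still point at fp, so f_caps and f_capcount are read without the pool mutex. */`. The function body starts and ends outside the hunk.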
@@ -62,8 +62,8 @@
 * file f_data field. cap_file and cap_rightss are static once hooked up, as
 * neither the object it references nor the rights it encapsulates are
 * permitted to change. cap_filelist may change when other capabilites are
- * added or removed from the same file, and is currently protected by
- * cap_file_mtx.
+ * added or removed from the same file, and is currently protected by the
+ * pool mutex for the object file descriptor.
 */
 struct capability {
 struct file *cap_object; /* Underlying object's file. */
@@ -100,14 +100,6 @@
 static uma_zone_t capability_zone;
-/*
- * XXXRW: Each file descriptor contains a list of capabilities pointing at it
- * so that we the UNIX domain socket GC routine can calculate whether there
- * are external references. Ideally we'd use a per-file lock, but right now
- * we don't have one, so use a global mutex for now.
- */
-static struct mtx cap_file_mtx;
-
 static void
 capability_init(void *dummy __unused)
 {
@@ -117,7 +109,6 @@
 0);
 if (capability_zone == NULL)
 panic("capability_init: capability_zone not initialized");
- mtx_init(&cap_file_mtx, "cap_file_mtx", NULL, MTX_DEF);
 }
 SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_ANY, capability_init, NULL);
@@ -261,9 +252,10 @@
 * Add this capability to the per-file list of referencing
 * capabilities.
 */
- mtx_lock(&cap_file_mtx);
+ mtx_pool_lock(mtxpool_sleep, fp_object);
 LIST_INSERT_HEAD(&fp_object->f_caps, c, cap_filelist);
- mtx_unlock(&cap_file_mtx);
+ fp_object->f_capcount++;
+ mtx_pool_unlock(mtxpool_sleep, fp_object);
 td->td_retval[0] = fd_cap;
 fdrop(fp, td);
 fdrop(fp_cap, td);
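Review bot: The rewritten comment above `struct capability` (`@@ -62` hunk) names the lock as "the pool mutex for the object file descriptor", but the lock calls later in this file key the pool on the object's `struct file` pointer (`mtx_pool_lock(mtxpool_sleep, fp_object)`), not on a descriptor. The comment also omits `f_capcount`, which this change updates under the same lock. Suggested wording for the last two comment lines: `* added or removed from the same file; it and the file's f_capcount are` followed by `* protected by the mtxpool_sleep pool mutex keyed on cap_object.`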
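Review bot: The critical section in the `@@ -261` hunk now runs under a `mtxpool_sleep` pool mutex, which is shared with every other object that hashes to the same pool slot, and the block comment above it does not state the constraint that follows. Pool mutexes are meant to be short-term leaf locks, so nothing that acquires another lock or may sleep should be added between `mtx_pool_lock` and `mtx_pool_unlock`; the two statements there today satisfy that. I would add one line to the existing comment, such as `* The pool mutex is a leaf lock: only f_caps and f_capcount are touched under it.` The same applies to the removal path in the `@@ -313` hunk. The enclosing function starts and ends outside the hunk.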
@@ -313,9 +305,10 @@
 fp->f_ops = &badfileops;
 fp->f_data = NULL;
 fp_object = c->cap_object;
- mtx_lock(&cap_file_mtx);
+ mtx_pool_lock(mtxpool_sleep, fp_object);
 LIST_REMOVE(c, cap_filelist);
- mtx_unlock(&cap_file_mtx);
+ fp_object->f_capcount--;
+ mtx_pool_unlock(mtxpool_sleep, fp_object);
 uma_zfree(capability_zone, c);
 return (fdrop(fp_object, td));
 }
==== //depot/projects/trustedbsd/capabilities/src/sys/sys/file.h#6 (text+ko) ====
@@ -130,7 +130,8 @@
 * Mandatory Access control information.
 */
 void *f_label; /* Place-holder for MAC label. */
- LIST_HEAD(, capability) f_caps; /* List of capabilities for file. */
+ LIST_HEAD(, capability) f_caps; /* (f) List of capabilities for file. */
+ u_int f_capcount; /* (f) Number of capabilities. */
 };
 #define FOFFSET_LOCKED 0x1
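Review bot: In the `@@ -313` hunk, `fp_object->f_capcount--` operates on a `u_int` (declared in the file.h hunk) with no check that the count is non-zero. An unbalanced removal would therefore wrap to a large value and surface only later at the `_fdrop` panic, far from the cause. An assertion just before the decrement localises the failure: `KASSERT(fp_object->f_capcount > 0, ("f_capcount underflow"));`. The enclosing function begins outside the hunk.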
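Review bot: `f_capcount` in `struct file` (`@@ -130` hunk of file.h) is introduced so that a consumer can avoid walking `f_caps`, yet no reader appears in this change, so the rule for reading it is left undocumented. Both writers update the list and the count inside one pool-mutex section, so a reader holding the same mutex sees a consistent pair, while one that does not may see a stale count. The field comment could say which is expected, e.g. `/* (f) Number of capabilities; matches length of f_caps under the pool mutex. */`. Whether `(f)` is defined in this header's locking key is not visible in the hunk.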