From: Jiri Slaby <jirislaby@gmail.com>
To: casey@schaufler-ca.com
Cc: akpm@osdl.org, torvalds@osdl.org, linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH] (2.6.24-rc3-mm2) -mm Smack mutex cleanup
Date: Tue, 04 Dec 2007 00:20:32 +0100 [thread overview]
Message-ID: <47548F40.8090309@gmail.com> (raw)
In-Reply-To: <47544D58.5090306@schaufler-ca.com>
On 12/03/2007 07:39 PM, Casey Schaufler wrote:
> From: Casey Schaufler <casey@schaufler-ca.com>
>
> Clean out unnecessary mutex initializations for Smack list locks.
> Once this is done, there is no need for them to be shared among
> multiple files, so pull them out of the header file and put them
> in the files where they belong.
Then it might be static.
> Pull unnecessary locking from smack_inode_setsecurity, it used
> to be required when the assignment was not guaranteed to be a
> scalar value but isn't now.
>
> Change uses of __capable(current,...) to capable(...).
> Take out an inappropriate cast. Use container_of() instead
> of doing the same calculation by hand.
> Fix comment spelling errors.
Too many different changes according to the name of the patch.
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
>
> ---
>
> Tested with stamp-2007-11-30-16-39
>
> security/smack/smack.h | 3 --
> security/smack/smack_access.c | 3 ++
> security/smack/smack_lsm.c | 34 +++++++++-----------------------
> security/smack/smackfs.c | 6 +++++
> 4 files changed, 19 insertions(+), 27 deletions(-)
>
> diff -uprN -X linux-2.6.24-rc3-mm2-base/Documentation/dontdiff linux-2.6.24-rc3-mm2-base/security/smack/smack_lsm.c linux-2.6.24-rc3-mm2-smack/security/smack/smack_lsm.c
> --- linux-2.6.24-rc3-mm2-base/security/smack/smack_lsm.c 2007-11-27 16:47:05.000000000 -0800
> +++ linux-2.6.24-rc3-mm2-smack/security/smack/smack_lsm.c 2007-11-28 11:46:13.000000000 -0800
[...]
> @@ -748,9 +746,7 @@ static int smack_inode_setsecurity(struc
> return -EINVAL;
>
> if (strcmp(name, XATTR_SMACK_SUFFIX) == 0) {
> - mutex_lock(&nsp->smk_lock);
> nsp->smk_inode = sp;
> - mutex_unlock(&nsp->smk_lock);
> return 0;
> }
> /*
Ok, it still might be atomic as a variable change, but it will break scenarios
such as
mutex_lock(&nsp->smk_lock);
create(nsp->smk_inode);
cook_a_dinner();
get_info(nsp->smk_inode);
mutex_unlock(&nsp->smk_lock);
While cook_a_dinner(), smack_inode_setsecurity() is called and the attribute
changed...
Doesn't this matter?
next prev parent reply other threads:[~2007-12-03 23:20 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-12-03 18:39 [PATCH] (2.6.24-rc3-mm2) -mm Smack mutex cleanup Casey Schaufler
2007-12-03 23:20 ` Jiri Slaby [this message]
2007-12-04 5:04 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47548F40.8090309@gmail.com \
--to=jirislaby@gmail.com \
--cc=akpm@osdl.org \
--cc=casey@schaufler-ca.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=torvalds@osdl.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox