Good morning.

Thu, Oct 07, 2004 5:12 AM
Stephen Smalley wrote:
> > > Perhaps we need to move the rcu_read_lock/unlock to the hook functions
> > > that call sel_netif_lookup?
> >
> > We shouldn't push locking to the caller, there must be another way.
>
> Comparing with the AVC, we have avc_has_perm_noaudit() perform the
> rcu_read_lock/unlock, but it holds the lock until it has copied the
> result, and merely returns a copy of the decision to the caller, not a
> reference to a node itself. You could do likewise for sel_netif_lookup
> and only have it return copies of the SIDs to the caller. The netif AVC
> entry reference is obsolete anyway with the introduction of RCU for the
> AVC. No need for any atomic operations on the read path, which is one
> of the stated purposes of RCU (Documentation/RCU/rcu.txt) - readers need
> not acquire any locks, perform any atomic instructions, ...

Indeed, I agree it doesn't need to return the reference of 'netif' object. For example, should the function prototype be replaced as follows?

• struct *sel_netif *sel_netif_lookup(struct net_device *dev) -> int sel_netif_lookup(struct net_device *dev, u32 *if_sid, u32 *msg_sid)
• sel_netif_put() is discontinued.

If it's so, we can hide rcu_read_lock()/unlock() in netif.c.

In my previous patch, caller is under the rcu_read_lock() when sel_netif_lookup() returns success. I don't think it's a significant issue, because it's like XXXX_trylock(). But Stephen's suggestion is better.

Thanks.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.