Page MenuHomeFreeBSD
Files F102709112

D47595.diff
No OneTemporary
Actions

D47595.diff
View Options

diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -160,7 +160,7 @@
struct rules *rules;
for (pr = spr;; pr = pr->pr_parent) {
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
if (pr == &prison0) {
rules = &rules0;
break;
@@ -168,7 +168,7 @@
rules = osd_jail_get(pr, mac_do_osd_jail_slot);
if (rules != NULL)
break;
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
}
*prp = pr;
@@ -185,15 +185,15 @@
int error;
rules = find_rules(req->td->td_ucred->cr_prison, &pr);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
if (req->newptr == NULL)
return (sysctl_handle_string(oidp, rules->string, MAC_RULE_STRING_LEN, req));
new_string = malloc(MAC_RULE_STRING_LEN, M_DO,
M_WAITOK|M_ZERO);
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
strlcpy(new_string, rules->string, MAC_RULE_STRING_LEN);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
error = sysctl_handle_string(oidp, new_string, MAC_RULE_STRING_LEN, req);
if (error)
@@ -204,11 +204,11 @@
if (error)
goto out;
TAILQ_INIT(&saved_head);
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
TAILQ_CONCAT(&saved_head, &rules->head, r_entries);
TAILQ_CONCAT(&rules->head, &head, r_entries);
strlcpy(rules->string, new_string, MAC_RULE_STRING_LEN);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
toast_rules(&saved_head);
out:
@@ -239,7 +239,7 @@
if (ppr == pr)
goto done;
- mtx_unlock(&ppr->pr_mtx);
+ prison_unlock(ppr);
new_rules = malloc(sizeof(*new_rules), M_PRISON, M_WAITOK|M_ZERO);
rsv = osd_reserve(mac_do_osd_jail_slot);
rules = find_rules(pr, &ppr);
@@ -248,14 +248,14 @@
osd_free_reserved(rsv);
goto done;
}
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
osd_jail_set_reserved(pr, mac_do_osd_jail_slot, rsv, new_rules);
TAILQ_INIT(&new_rules->head);
done:
if (lrp != NULL)
*lrp = rules;
- mtx_unlock(&pr->pr_mtx);
- mtx_unlock(&ppr->pr_mtx);
+ prison_unlock(pr);
+ prison_unlock(ppr);
}
static void
@@ -286,9 +286,9 @@
jsys = JAIL_SYS_NEW;
switch (jsys) {
case JAIL_SYS_INHERIT:
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
osd_jail_del(pr, mac_do_osd_jail_slot);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
break;
case JAIL_SYS_NEW:
mac_do_alloc_prison(pr, &rules);
@@ -299,11 +299,11 @@
if (error)
return (1);
TAILQ_INIT(&saved_head);
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
TAILQ_CONCAT(&saved_head, &rules->head, r_entries);
TAILQ_CONCAT(&rules->head, &head, r_entries);
strlcpy(rules->string, rules_string, MAC_RULE_STRING_LEN);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
toast_rules(&saved_head);
break;
}
@@ -329,7 +329,7 @@
error = vfs_setopts(opts, "mdo.rules", rules->string);
if (error != 0 && error != ENOENT)
goto done;
- mtx_unlock(&ppr->pr_mtx);
+ prison_unlock(ppr);
error = 0;
done:
return (0);
@@ -350,9 +350,9 @@
struct prison *pr = obj;
struct rules *r;
- mtx_lock(&pr->pr_mtx);
+ prison_lock(pr);
r = osd_jail_get(pr, mac_do_osd_jail_slot);
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
toast_rules(&r->head);
return (0);
}
@@ -431,14 +431,14 @@
switch (priv) {
case PRIV_CRED_SETGROUPS:
case PRIV_CRED_SETUID:
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
return (0);
default:
break;
}
}
}
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
return (EPERM);
}
@@ -467,11 +467,11 @@
rule = find_rules(cred->cr_prison, &pr);
TAILQ_FOREACH(r, &rule->head, r_entries) {
if (rule_applies(cred, r)) {
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
return (0);
}
}
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
return (EPERM);
}
@@ -527,7 +527,7 @@
}
}
}
- mtx_unlock(&pr->pr_mtx);
+ prison_unlock(pr);
return (error);
}

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 17, 4:27 AM (21 h, 23 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
14661797
Default Alt Text
D47595.diff (3 KB)

Event Timeline