Red Hat Bugzilla – Bug 197704
investigate useage of sem in inode_security_set_sid
Last modified: 2007-11-30 17:11:36 EST
eliminate the holding of the sem in inode_security_set_sid if it is indeed not
Rationale: isec->sem is used to synchronize inode security setup, but this is
only necessary when multiple threads may access the inode, as in
inode_doinit_with_dentry (upon lookup). inode_security_set_sid is now only used
by inode_init_security (and could be folded into it), which is called to set up
newly created inodes before they are accessible. I think that the taking of
isem there is legacy code. Note that taking the sem also does no good there, as
if you have multiple threads accessing the inode there, someone is going to lose
and have his value clobbered.
We should also look at converting the remaining semaphores in the SELinux code
to simple mutexes.
"We should also look at converting the remaining semaphores in the SELinux code
to simple mutexes."
By simpe mutexes do you mean spin locks? Does the kernel have another locking
mechanism that would work other than spin locks and semaphores initialized to 1?
Posted upstream and in -mm
Closing current release (in 2.6.18)