[apparmor] [PATCH 16/36] apparmor: update compatibility patch for RCU locking

John Johansen john.johansen at canonical.com
Wed May 1 21:31:01 UTC 2013 

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 security/apparmor/apparmorfs.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index e33a4c5..6d0f0f8 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -20,6 +20,7 @@
 #include <linux/uaccess.h>
 #include <linux/namei.h>
 #include <linux/capability.h>
+#include <linux/rcupdate.h>
 
 #include "include/apparmor.h"
 #include "include/apparmorfs.h"
@@ -531,16 +532,16 @@ static struct aa_namespace *__next_namespace(struct aa_namespace *root,
 	if (!list_empty(&ns->sub_ns)) {
 		struct aa_namespace *next;
 		next = list_first_entry(&ns->sub_ns, typeof(*ns), base.list);
-		read_lock(&next->lock);
+		mutex_lock(&next->lock);
 		return next;
 	}
 
 	/* check if the next ns is a sibling, parent, gp, .. */
 	parent = ns->parent;
 	while (parent) {
-		read_unlock(&ns->lock);
+		mutex_unlock(&ns->lock);
 		list_for_each_entry_continue(ns, &parent->sub_ns, base.list) {
-			read_lock(&ns->lock);
+			mutex_lock(&ns->lock);
 			return ns;
 		}
 		if (parent == root)
@@ -590,13 +591,13 @@ static struct aa_profile *__next_profile(struct aa_profile *p)
 					base.list);
 
 	/* is next profile a sibling, parent sibling, gp, subling, .. */
-	parent = p->parent;
+	parent = rcu_dereference_protected(p->parent, mutex_is_locked(&p->ns->lock));
 	while (parent) {
 		list_for_each_entry_continue(p, &parent->base.profiles,
 					     base.list)
 				return p;
 		p = parent;
-		parent = parent->parent;
+		parent = rcu_dereference_protected(parent->parent, mutex_is_locked(&parent->ns->lock));
 	}
 
 	/* is next another profile in the namespace */
@@ -643,7 +644,7 @@ static void *p_start(struct seq_file *f, loff_t *pos)
 
 
 	/* find the first profile */
-	read_lock(&root->lock);
+	mutex_lock(&root->lock);
 	profile = __first_profile(root, root);
 
 	/* skip to position */
@@ -687,9 +688,9 @@ static void p_stop(struct seq_file *f, void *p)
 
 	if (profile) {
 		for (ns = profile->ns; ns && ns != root; ns = ns->parent)
-			read_unlock(&ns->lock);
+			mutex_unlock(&ns->lock);
 	}
-	read_unlock(&root->lock);
+	mutex_unlock(&root->lock);
 	aa_put_namespace(root);
 }
 
-- 
1.8.1.2

More information about the AppArmor mailing list