PERFORCE change 20984 for review
Robert Watson
rwatson at freebsd.org
Tue Nov 12 04:19:43 GMT 2002
http://perforce.freebsd.org/chv.cgi?CH=20984
Change 20984 by rwatson at rwatson_tislabs on 2002/11/11 20:19:15
Comment updates regarding synchronization.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#358 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#358 (text+ko) ====
@@ -226,12 +226,18 @@
MALLOC_DEFINE(M_MACTEMP, "mactemp", "MAC temporary label storage");
/*
- * mac_policy_list_lock protects the consistency of 'mac_policy_list',
- * the linked list of attached policy modules. Read-only consumers of
- * the list must acquire a shared lock for the duration of their use;
- * writers must acquire an exclusive lock. Note that for compound
- * operations, locks should be held for the entire compound operation,
- * and that this is not yet done for relabel requests.
+ * mac_policy_list stores the list of active policies. A busy count is
+ * maintained for the list, stored in mac_policy_busy. The busy count
+ * is protected by mac_policy_list_lock; the list may be modified only
+ * while the busy count is 0, requiring that the lock be held to
+ * prevent new references to the list from being acquired. For almost
+ * all operations, incrementing the busy count is sufficient to
+ * guarantee consistency, as the list cannot be modified while the
+ * busy count is elevated. For a few special operations involving a
+ * change to the list of active policies, the lock itself must be held.
+ * A condition variable, mac_policy_list_not_busy, is used to signal
+ * potential exclusive consumers that they should try to acquire the
+ * lock if a first attempt at exclusive access fails.
*/
static struct mtx mac_policy_list_lock;
static struct cv mac_policy_list_not_busy;
@@ -252,6 +258,15 @@
mtx_unlock(&mac_policy_list_lock); \
} while (0)
+/*
+ * We manually invoke WITNESS_SLEEP() to allow Witness to generate
+ * warnings even if we don't end up ever triggering the wait at
+ * run-time. The consumer of the exclusive interface must not hold
+ * any locks (other than potentially Giant) since we may sleep for
+ * long (potentially indefinite) periods of time waiting for the
+ * framework to become quiescent so that a policy list change may
+ * be made.
+ */
#define MAC_POLICY_LIST_EXCLUSIVE() do { \
WITNESS_SLEEP(1, NULL); \
mtx_lock(&mac_policy_list_lock); \
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list