PERFORCE change 56794 for review
Robert Watson
rwatson at FreeBSD.org
Thu Jul 8 18:46:09 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=56794
Change 56794 by rwatson at rwatson_tislabs on 2004/07/08 18:45:19
While reference counting the sysv_msg module to prevent unload
while in use is a good idea, the current implementation suffers
from races that can't be fixed without work at the system call
layer. Remove the current implementation from now to simplify
the set of changes between the FreeBSD CVS version of System V
Message Queues and the TrustedBSD MAC version.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#20 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/sysv_msg.c#20 (text+ko) ====
@@ -128,8 +128,6 @@
static struct msg *msghdrs; /* MSGTQL msg headers */
static struct msqid_kernel *msqids; /* MSGMNI msqid_kernel struct's */
static struct mtx msq_mtx; /* global mutex for message queues. */
-static int refcount; /* to ensure consistency during and after msgunload */
-static struct mtx refcnt_mtx; /* global mutex for refcount. */
static void
msginit()
@@ -212,16 +210,6 @@
#endif
}
mtx_init(&msq_mtx, "msq", NULL, MTX_DEF);
- refcount = 0;
- /*
- * It is not permissible to pass the same mutex to mtx_init()
- * multiple times without intervening calls to mtx_destroy(). Since
- * we cannot destroy the refcnt_mtx during msgunload, we check if the
- * mtx_init has ever been called. If so, we dont need to do mtx_init
- * as the mutex is already initialized.
- */
- if (mtx_initialized(&refcnt_mtx) == 0)
- mtx_init(&refcnt_mtx, "msgrefcnt", NULL, MTX_DEF);
}
static int
@@ -237,11 +225,6 @@
* (tinkering with the data structures), and also that no thread
* can enter the code-paths once the module is unloaded.
*/
- mtx_lock(&refcnt_mtx);
- if (refcount > 0) {
- mtx_unlock(&refcnt_mtx);
- return (EBUSY);
- }
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
/*
* Look for an unallocated and unlocked msqid_ds.
@@ -254,13 +237,9 @@
(msqkptr->u.msg_perm.mode & MSG_LOCKED) != 0)
break;
}
- if (msqid != msginfo.msgmni) {
- mtx_unlock(&refcnt_mtx);
+ if (msqid != msginfo.msgmni)
return (EBUSY);
- }
- refcount= -1; /* Mark the module as being unloaded */
- mtx_unlock(&refcnt_mtx);
#ifdef MAC
int i;
@@ -276,11 +255,6 @@
free(msghdrs, M_MSG);
free(msqids, M_MSG);
mtx_destroy(&msq_mtx);
- /*
- * NOTE: We cannot destroy the refcnt_mtx as it is possible that
- * some thread might (attempt to) hold the mutex.
- */
-/* mtx_destroy(&refcnt_mtx); */
return (0);
}
@@ -406,29 +380,16 @@
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
return (ENOSYS);
- /*
- * Prevent thread from going any further if module is (being)
- * unloaded.
- */
- mtx_lock(&refcnt_mtx);
- if (refcount < 0 ) {
- mtx_unlock(&refcnt_mtx);
- return (ENOSYS);
- }
- refcount++; /* Indicate that thread is active in the code-path */
- mtx_unlock(&refcnt_mtx);
-
msqid = IPCID_TO_IX(msqid);
if (msqid < 0 || msqid >= msginfo.msgmni) {
DPRINTF(("msqid (%d) out of range (0<=msqid<%d)\n", msqid,
msginfo.msgmni));
- error = EINVAL;
- goto done3;
+ return (EINVAL);
}
if (cmd == IPC_SET &&
(error = copyin(user_msqptr, &msqbuf, sizeof(msqbuf))) != 0)
- goto done3;
+ return (error);
msqkptr = &msqids[msqid];
@@ -561,10 +522,6 @@
mtx_unlock(&msq_mtx);
if (cmd == IPC_STAT && error == 0)
error = copyout(&(msqkptr->u), user_msqptr, sizeof(struct msqid_ds));
-done3:
- mtx_lock(&refcnt_mtx);
- refcount--; /* Indicate that thread no longer active in the code-path */
- mtx_unlock(&refcnt_mtx);
return(error);
}
@@ -594,18 +551,6 @@
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
return (ENOSYS);
- /*
- * Prevent thread from going any further if module is (being)
- * unloaded.
- */
- mtx_lock(&refcnt_mtx);
- if (refcount < 0 ) {
- mtx_unlock(&refcnt_mtx);
- return (ENOSYS);
- }
- refcount++; /* Indicate that thread is active in the code-path */
- mtx_unlock(&refcnt_mtx);
-
mtx_lock(&msq_mtx);
if (key != IPC_PRIVATE) {
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
@@ -690,9 +635,6 @@
td->td_retval[0] = IXSEQ_TO_IPCID(msqid, msqkptr->u.msg_perm);
done2:
mtx_unlock(&msq_mtx);
- mtx_lock(&refcnt_mtx);
- refcount--; /* Indicate that thread no longer active in the code-path */
- mtx_unlock(&refcnt_mtx);
return (error);
}
@@ -727,18 +669,6 @@
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
return (ENOSYS);
- /*
- * Prevent thread from going any further if module is (being)
- * unloaded.
- */
- mtx_lock(&refcnt_mtx);
- if (refcount < 0 ) {
- mtx_unlock(&refcnt_mtx);
- return (ENOSYS);
- }
- refcount++; /* Indicate that thread is active in the code-path */
- mtx_unlock(&refcnt_mtx);
-
mtx_lock(&msq_mtx);
msqid = IPCID_TO_IX(msqid);
@@ -1046,9 +976,6 @@
td->td_retval[0] = 0;
done2:
mtx_unlock(&msq_mtx);
- mtx_lock(&refcnt_mtx);
- refcount--; /* Indicate that thread no longer active in the code-path */
- mtx_unlock(&refcnt_mtx);
return (error);
}
@@ -1087,25 +1014,12 @@
if (!jail_sysvipc_allowed && jailed(td->td_ucred))
return (ENOSYS);
- /*
- * Prevent thread from going any further if module is (being)
- * unloaded.
- */
- mtx_lock(&refcnt_mtx);
- if (refcount < 0 ) {
- mtx_unlock(&refcnt_mtx);
- return (ENOSYS);
- }
- refcount++; /* Indicate that thread is active in the code-path */
- mtx_unlock(&refcnt_mtx);
-
msqid = IPCID_TO_IX(msqid);
if (msqid < 0 || msqid >= msginfo.msgmni) {
DPRINTF(("msqid (%d) out of range (0<=msqid<%d)\n", msqid,
msginfo.msgmni));
- error = EINVAL;
- goto done3;
+ return (EINVAL);
}
msqkptr = &msqids[msqid];
@@ -1366,10 +1280,6 @@
td->td_retval[0] = msgsz;
done2:
mtx_unlock(&msq_mtx);
-done3:
- mtx_lock(&refcnt_mtx);
- refcount--; /* Indicate that thread no longer active in the code-path */
- mtx_unlock(&refcnt_mtx);
return (error);
}
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list