[RFC PATCH userspace 3/6] selinux_restorecon: introduce selinux_log_sync()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Add a thread-safe version of selinux_log() and initially use it in
filespec_add(). Together with the previous patch this makes
filespec_add() thread-safe, which will be utilized in subsequent
patches.

Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
---
 libselinux/src/selinux_restorecon.c | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
index f4a973eb..0ebe56b1 100644
--- a/libselinux/src/selinux_restorecon.c
+++ b/libselinux/src/selinux_restorecon.c
@@ -46,6 +46,15 @@ static bool selabel_no_digest;
 static char *rootpath = NULL;
 static int rootpathlen;
 
+/* Thread-safe log function for parallel restorecon */
+static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+#define selinux_log_sync(type, ...) do { \
+	__pthread_mutex_lock(&log_mutex); \
+	selinux_log(type, __VA_ARGS__); \
+	__pthread_mutex_unlock(&log_mutex); \
+} while(0)
+
 /* Information on excluded fs and directories. */
 struct edir {
 	char *directory;
@@ -455,7 +464,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
 			if (strcmp(fl->con, con) == 0)
 				goto unlock_1;
 
-			selinux_log(SELINUX_ERROR,
+			selinux_log_sync(SELINUX_ERROR,
 				"conflicting specifications for %s and %s, using %s.\n",
 				file, fl->file, fl->con);
 			free(fl->file);
@@ -466,7 +475,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
 			__pthread_mutex_unlock(&fl_mutex);
 
 			if (flags->conflicterror) {
-				selinux_log(SELINUX_ERROR,
+				selinux_log_sync(SELINUX_ERROR,
 				"treating conflicting specifications as an error.\n");
 				return -1;
 			}
@@ -497,7 +506,7 @@ oom_freefl:
 	free(fl);
 oom:
 	__pthread_mutex_unlock(&fl_mutex);
-	selinux_log(SELINUX_ERROR, "%s:  Out of memory\n", __func__);
+	selinux_log_sync(SELINUX_ERROR, "%s:  Out of memory\n", __func__);
 	return -1;
 unlock_1:
 	__pthread_mutex_unlock(&fl_mutex);
-- 
2.30.2




[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux