Add a thread-safe version of selinux_log() and initially use it in filespec_add(). Together with the previous patch this makes filespec_add() thread-safe, which will be utilized in subsequent patches. Signed-off-by: Ondrej Mosnacek <omosnace@xxxxxxxxxx> --- libselinux/src/selinux_restorecon.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c index f4a973eb..0ebe56b1 100644 --- a/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c @@ -46,6 +46,15 @@ static bool selabel_no_digest; static char *rootpath = NULL; static int rootpathlen; +/* Thread-safe log function for parallel restorecon */ +static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER; + +#define selinux_log_sync(type, ...) do { \ + __pthread_mutex_lock(&log_mutex); \ + selinux_log(type, __VA_ARGS__); \ + __pthread_mutex_unlock(&log_mutex); \ +} while(0) + /* Information on excluded fs and directories. */ struct edir { char *directory; @@ -455,7 +464,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, if (strcmp(fl->con, con) == 0) goto unlock_1; - selinux_log(SELINUX_ERROR, + selinux_log_sync(SELINUX_ERROR, "conflicting specifications for %s and %s, using %s.\n", file, fl->file, fl->con); free(fl->file); @@ -466,7 +475,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file, __pthread_mutex_unlock(&fl_mutex); if (flags->conflicterror) { - selinux_log(SELINUX_ERROR, + selinux_log_sync(SELINUX_ERROR, "treating conflicting specifications as an error.\n"); return -1; } @@ -497,7 +506,7 @@ oom_freefl: free(fl); oom: __pthread_mutex_unlock(&fl_mutex); - selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __func__); + selinux_log_sync(SELINUX_ERROR, "%s: Out of memory\n", __func__); return -1; unlock_1: __pthread_mutex_unlock(&fl_mutex); -- 2.30.2