[PATCH 7/9] Revert "libselinux: support parallel selabel_lookup(3)"

James Carter <jwcart2@xxxxxxxxx> · Wed, 11 Dec 2024 11:14:04 -0500

This reverts commit 20175564fcc6fdc1fee7847a2b5cb6c51353f41a.

Needed to revert commit 92306daf5219e73f6e8bc9fc7699399457999bcd
"libselinux: rework selabel_file(5) database", which broke Android
file_context matching.

Signed-off-by: James Carter <jwcart2@xxxxxxxxx>
---
 libselinux/src/label.c          | 56 ++++++---------------------------
 libselinux/src/label_db.c       |  2 --
 libselinux/src/label_file.h     |  4 ---
 libselinux/src/label_internal.h |  1 -
 libselinux/src/label_media.c    |  1 -
 libselinux/src/label_x.c        |  1 -
 6 files changed, 9 insertions(+), 56 deletions(-)

diff --git a/libselinux/src/label.c b/libselinux/src/label.c
index 2c510290..06d743ec 100644
--- a/libselinux/src/label.c
+++ b/libselinux/src/label.c
@@ -124,32 +124,18 @@ static inline int selabel_is_validate_set(const struct selinux_opt *opts,
 
 int selabel_validate(struct selabel_lookup_rec *contexts)
 {
-	bool validated;
-	int rc;
+	int rc = 0;
 
-	validated = __atomic_load_n(&contexts->validated, __ATOMIC_ACQUIRE);
-	if (validated)
-		return 0;
-
-	__pthread_mutex_lock(&contexts->lock);
-
-	/* Check if another thread validated the context while we waited on the mutex */
-	validated = __atomic_load_n(&contexts->validated, __ATOMIC_ACQUIRE);
-	if (validated) {
-		__pthread_mutex_unlock(&contexts->lock);
-		return 0;
-	}
+	if (contexts->validated)
+		goto out;
 
 	rc = selinux_validate(&contexts->ctx_raw);
-	if (rc == 0)
-		__atomic_store_n(&contexts->validated, true, __ATOMIC_RELEASE);
-
-	__pthread_mutex_unlock(&contexts->lock);
-
 	if (rc < 0)
-		return -1;
+		goto out;
 
-	return 0;
+	contexts->validated = true;
+out:
+	return rc;
 }
 
 /* Public API helpers */
@@ -157,35 +143,11 @@ static int selabel_fini(const struct selabel_handle *rec,
 			    struct selabel_lookup_rec *lr,
 			    bool translating)
 {
-	char *ctx_trans;
-	int rc;
-
 	if (compat_validate(rec, lr, rec->spec_file, lr->lineno))
 		return -1;
 
-	if (!translating)
-		return 0;
-
-	ctx_trans = __atomic_load_n(&lr->ctx_trans, __ATOMIC_ACQUIRE);
-	if (ctx_trans)
-		return 0;
-
-	__pthread_mutex_lock(&lr->lock);
-
-	/* Check if another thread translated the context while we waited on the mutex */
-	ctx_trans = __atomic_load_n(&lr->ctx_trans, __ATOMIC_ACQUIRE);
-	if (ctx_trans) {
-		__pthread_mutex_unlock(&lr->lock);
-		return 0;
-	}
-
-	rc = selinux_raw_to_trans_context(lr->ctx_raw, &ctx_trans);
-	if (rc == 0)
-		__atomic_store_n(&lr->ctx_trans, ctx_trans, __ATOMIC_RELEASE);
-
-	__pthread_mutex_unlock(&lr->lock);
-
-	if (rc)
+	if (translating && !lr->ctx_trans &&
+	    selinux_raw_to_trans_context(lr->ctx_raw, &lr->ctx_trans))
 		return -1;
 
 	return 0;
diff --git a/libselinux/src/label_db.c b/libselinux/src/label_db.c
index eb060ede..40d5fc4a 100644
--- a/libselinux/src/label_db.c
+++ b/libselinux/src/label_db.c
@@ -186,7 +186,6 @@ db_close(struct selabel_handle *rec)
 		free(spec->key);
 		free(spec->lr.ctx_raw);
 		free(spec->lr.ctx_trans);
-		__pthread_mutex_destroy(&spec->lr.lock);
 	}
 	free(catalog);
 }
@@ -359,7 +358,6 @@ out_error:
 		free(spec->key);
 		free(spec->lr.ctx_raw);
 		free(spec->lr.ctx_trans);
-		__pthread_mutex_destroy(&spec->lr.lock);
 	}
 	free(catalog);
 	fclose(filp);
diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
index de8190f9..529a1bd2 100644
--- a/libselinux/src/label_file.h
+++ b/libselinux/src/label_file.h
@@ -661,7 +661,6 @@ static int insert_spec(const struct selabel_handle *rec, struct saved_data *data
 			.lr.ctx_trans = NULL,
 			.lr.lineno = lineno,
 			.lr.validated = false,
-			.lr.lock = PTHREAD_MUTEX_INITIALIZER,
 		};
 
 		data->num_specs++;
@@ -795,7 +794,6 @@ static int insert_spec(const struct selabel_handle *rec, struct saved_data *data
 			.lr.ctx_trans = NULL,
 			.lr.lineno = lineno,
 			.lr.validated = false,
-			.lr.lock = PTHREAD_MUTEX_INITIALIZER,
 		};
 
 		data->num_specs++;
@@ -820,7 +818,6 @@ static inline void free_spec_node(struct spec_node *node)
 
 		free(lspec->lr.ctx_raw);
 		free(lspec->lr.ctx_trans);
-		__pthread_mutex_destroy(&lspec->lr.lock);
 
 		if (lspec->from_mmap)
 			continue;
@@ -835,7 +832,6 @@ static inline void free_spec_node(struct spec_node *node)
 
 		free(rspec->lr.ctx_raw);
 		free(rspec->lr.ctx_trans);
-		__pthread_mutex_destroy(&rspec->lr.lock);
 		regex_data_free(rspec->regex);
 		__pthread_mutex_destroy(&rspec->regex_lock);
 
diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h
index 743dbf94..854f92fa 100644
--- a/libselinux/src/label_internal.h
+++ b/libselinux/src/label_internal.h
@@ -71,7 +71,6 @@ extern void digest_gen_hash(struct selabel_digest *digest);
 struct selabel_lookup_rec {
 	char * ctx_raw;
 	char * ctx_trans;
-	pthread_mutex_t lock;	/* lock for validation and translation */
 	unsigned int lineno;
 	bool validated;
 };
diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
index be3df388..b541faf4 100644
--- a/libselinux/src/label_media.c
+++ b/libselinux/src/label_media.c
@@ -176,7 +176,6 @@ static void close(struct selabel_handle *rec)
 		free(spec->key);
 		free(spec->lr.ctx_raw);
 		free(spec->lr.ctx_trans);
-		__pthread_mutex_destroy(&spec->lr.lock);
 	}
 
 	if (spec_arr)
diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
index 5b0e4063..6bdba9cd 100644
--- a/libselinux/src/label_x.c
+++ b/libselinux/src/label_x.c
@@ -203,7 +203,6 @@ static void close(struct selabel_handle *rec)
 		free(spec->key);
 		free(spec->lr.ctx_raw);
 		free(spec->lr.ctx_trans);
-		__pthread_mutex_destroy(&spec->lr.lock);
 	}
 
 	if (spec_arr)
-- 
2.47.1








