Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp6668486pxv; Thu, 29 Jul 2021 22:26:25 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxc/ps+jE0b1hwZS/z18H1dcPPlzsAxJNyL3PvvjKF43wEWAHCL9tWwNUoeA7zQ3bHld+M6 X-Received: by 2002:a6b:f813:: with SMTP id o19mr931575ioh.49.1627622785031; Thu, 29 Jul 2021 22:26:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627622785; cv=none; d=google.com; s=arc-20160816; b=BEuDlDnUVmaI0R/5Kizgh5zuox5+H1m4chQKisye6Anmn1oD28DcXZpJ38+JrtUd10 NdByF2dk2B17Q2XQfWlYpUytHmQPVywNdKPFCrk8O4QCH0jDw65Ga9wifY3KkzPide+M zxxyNvQM28PnYnp3g2C+f6Gq8izOOEWijCNG+QLjV6GOtOhd1iGlXAd0FOJx5HE3FuMO 0UivgPxXcRsamIYcoSOMl5i766jeaqzdKLgazFF7MFI6MjkZQBT3GPx3PJwp8+j2WoZz UIIdu+9JhXyTYZVPfOXiXrZ5rlgDif83eZgm7jZQgycCFnySpSBdasfiOH5ndTFrLWr1 7zNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=4zV2vY5guAxwOdyRbx/pHmQPn4cPux11KZ6twzHtf5Q=; b=v/5PG0Owy7RGIxTGsZ+WCHqSLHI1EglXAIwvL1EJ6soQSRHukQuUmtixhWVjrA26Nv hXT/dgNYYwLyFG7wKpIH3LEaDVnO025zAHdPYq49zdl4PAixx5YKFFmVJnk/MNyNV71I wr4ItQsawkNQbmU5g0y5RG5JpYj1SIEp/EYQGhvN89BRsIKATgQCd5CHEV1ySQDjKiDw AWapzSuCj3IttksFBSHts582Ls5r/Tua4LIOGZZjUevoLI8bOZRWIpy7Hl1w8B0kp28t /HlOCx+4N6iz6uBFPj6wIBWcUg/dVKVzjaM/FmADiHtTNrRVdNRJNjrhf8iXFiDljhSR Zflg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h5si625724iol.44.2021.07.29.22.26.13; Thu, 29 Jul 2021 22:26:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231705AbhG3FZT (ORCPT + 99 others); Fri, 30 Jul 2021 01:25:19 -0400 Received: from h4.fbrelay.privateemail.com ([131.153.2.45]:36116 "EHLO h4.fbrelay.privateemail.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230108AbhG3FZP (ORCPT ); Fri, 30 Jul 2021 01:25:15 -0400 Received: from MTA-15-3.privateemail.com (MTA-15-1.privateemail.com [198.54.118.208]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by h3.fbrelay.privateemail.com (Postfix) with ESMTPS id B32F18021A; Fri, 30 Jul 2021 01:25:09 -0400 (EDT) Received: from mta-15.privateemail.com (localhost [127.0.0.1]) by mta-15.privateemail.com (Postfix) with ESMTP id 59CA718000BB; Fri, 30 Jul 2021 01:25:07 -0400 (EDT) Received: from hal-station.. (unknown [10.20.151.210]) by mta-15.privateemail.com (Postfix) with ESMTPA id 8E7D118000AD; Fri, 30 Jul 2021 01:25:06 -0400 (EDT) From: Hamza Mahfooz To: linux-kernel@vger.kernel.org Cc: Hamza Mahfooz , John Johansen , James Morris , "Serge E. Hallyn" , linux-security-module@vger.kernel.org Subject: [PATCH] apparmor: use per file locks for transactional queries Date: Fri, 30 Jul 2021 01:23:55 -0400 Message-Id: <20210730052355.77289-1-someguy@effective-light.com> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Virus-Scanned: ClamAV using ClamSMTP Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As made mention of in commit 1dea3b41e84c5 ("apparmor: speed up transactional queries"), a single lock is currently used to synchronize transactional queries. We can, use the lock allocated for each file by VFS instead. Signed-off-by: Hamza Mahfooz --- security/apparmor/apparmorfs.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 2ee3b3d29f10..c0b626a271a0 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -812,8 +812,6 @@ struct multi_transaction { }; #define MULTI_TRANSACTION_LIMIT (PAGE_SIZE - sizeof(struct multi_transaction)) -/* TODO: replace with per file lock */ -static DEFINE_SPINLOCK(multi_transaction_lock); static void multi_transaction_kref(struct kref *kref) { @@ -847,10 +845,10 @@ static void multi_transaction_set(struct file *file, AA_BUG(n > MULTI_TRANSACTION_LIMIT); new->size = n; - spin_lock(&multi_transaction_lock); + spin_lock(&file->f_lock); old = (struct multi_transaction *) file->private_data; file->private_data = new; - spin_unlock(&multi_transaction_lock); + spin_unlock(&file->f_lock); put_multi_transaction(old); } @@ -879,9 +877,10 @@ static ssize_t multi_transaction_read(struct file *file, char __user *buf, struct multi_transaction *t; ssize_t ret; - spin_lock(&multi_transaction_lock); + spin_lock(&file->f_lock); t = get_multi_transaction(file->private_data); - spin_unlock(&multi_transaction_lock); + spin_unlock(&file->f_lock); + if (!t) return 0; -- 2.32.0