Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel

[Andi Kleen]

On Sun, Aug 12, 2007 at 10:48:05AM -0700, Casey Schaufler wrote:
> 
> --- Andi Kleen <andi@xxxxxxxxxxxxxx> wrote:
> 
> > > Entries are never deleted, although they can be modified.
> > 
> > The modification case still seems racy then.
> 
> Fair enough. I'll look into real list management.

You don't necessarily need more list management if you don't 
plan to remove entries, but just replace them.

e.g. what could work to atomically replace is: 

- Make the buffer a pointer to an allocated buffer that also
contains a struct rcu_head.
- Reader: Does rcu_read_lock() around list walk (that just disables
preemption on preemptible kernels and is otherwise a nop).
Also uses rcu_reference for reading the pointer. 
- Writer: Continues using the mutex to protect against other writers.
When changing an entry allocate a new buffer + rcu_head. Initialize
buffer. Replace pointer.  Free old buffer using call_rcu() 

The RCU would just make sure the buffer is not freed while other
CPUs are still accessing it. It also means they can use stale
rules for a time, but it is a strictly bounded time
(bounded to max time walking the list plus max time any interrupt
handlers inbetween run [admittedly that can be very long in theory, 
but it's all logically only a single rule check])

-Andi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/