Lock the semaphore identifier lock during semaphore initialization to
guarantee atomicity of the operation for other semaphore consumers. In particular, this should guard against access to the semaphore with not done or partially done MAC label assignment. Reviewed by: rwatson MFC after: 1 month
This commit is contained in:
parent
b5dbfe1e63
commit
92e5c3777e
@ -914,6 +914,9 @@ semget(struct thread *td, struct semget_args *uap)
|
|||||||
goto done2;
|
goto done2;
|
||||||
}
|
}
|
||||||
DPRINTF(("semid %d is available\n", semid));
|
DPRINTF(("semid %d is available\n", semid));
|
||||||
|
mtx_lock(&sema_mtx[semid]);
|
||||||
|
KASSERT((sema[semid].u.sem_perm.mode & SEM_ALLOC) == 0,
|
||||||
|
("Lost semaphore %d", semid));
|
||||||
sema[semid].u.sem_perm.key = key;
|
sema[semid].u.sem_perm.key = key;
|
||||||
sema[semid].u.sem_perm.cuid = cred->cr_uid;
|
sema[semid].u.sem_perm.cuid = cred->cr_uid;
|
||||||
sema[semid].u.sem_perm.uid = cred->cr_uid;
|
sema[semid].u.sem_perm.uid = cred->cr_uid;
|
||||||
@ -932,6 +935,7 @@ semget(struct thread *td, struct semget_args *uap)
|
|||||||
#ifdef MAC
|
#ifdef MAC
|
||||||
mac_sysvsem_create(cred, &sema[semid]);
|
mac_sysvsem_create(cred, &sema[semid]);
|
||||||
#endif
|
#endif
|
||||||
|
mtx_unlock(&sema_mtx[semid]);
|
||||||
DPRINTF(("sembase = %p, next = %p\n",
|
DPRINTF(("sembase = %p, next = %p\n",
|
||||||
sema[semid].u.sem_base, &sem[semtot]));
|
sema[semid].u.sem_base, &sem[semtot]));
|
||||||
} else {
|
} else {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user