|
 |
7d2fd3 |
From c2e4cf5b21e8c775c669f3933d25a0946774ec0d Mon Sep 17 00:00:00 2001
|
|
|
7d2fd3 |
From: Ondrej Mosnacek <omosnace@redhat.com>
|
|
|
7d2fd3 |
Date: Tue, 26 Oct 2021 13:52:35 +0200
|
|
|
7d2fd3 |
Subject: [PATCH] libselinux: make selinux_log() thread-safe
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
Ensure that selinux_log() is thread-safe by guarding the call to the
|
|
|
7d2fd3 |
underlying callback with a mutex.
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
|
|
|
7d2fd3 |
---
|
|
|
7d2fd3 |
libselinux/src/callbacks.c | 8 +++++---
|
|
|
7d2fd3 |
libselinux/src/callbacks.h | 13 ++++++++++++-
|
|
|
7d2fd3 |
2 files changed, 17 insertions(+), 4 deletions(-)
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c
|
|
|
7d2fd3 |
index c18ccc54754a..469c4055f4d7 100644
|
|
|
7d2fd3 |
--- a/libselinux/src/callbacks.c
|
|
|
7d2fd3 |
+++ b/libselinux/src/callbacks.c
|
|
|
7d2fd3 |
@@ -10,6 +10,8 @@
|
|
|
7d2fd3 |
#include <selinux/selinux.h>
|
|
|
7d2fd3 |
#include "callbacks.h"
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
+pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER;
|
|
|
7d2fd3 |
+
|
|
|
7d2fd3 |
/* default implementations */
|
|
|
7d2fd3 |
static int __attribute__ ((format(printf, 2, 3)))
|
|
|
7d2fd3 |
default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
|
|
|
7d2fd3 |
@@ -56,7 +58,7 @@ default_selinux_policyload(int seqno __attribute__((unused)))
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
/* callback pointers */
|
|
|
7d2fd3 |
int __attribute__ ((format(printf, 2, 3)))
|
|
|
7d2fd3 |
-(*selinux_log)(int, const char *, ...) =
|
|
|
7d2fd3 |
+(*selinux_log_direct)(int, const char *, ...) =
|
|
|
7d2fd3 |
default_selinux_log;
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
int
|
|
|
7d2fd3 |
@@ -81,7 +83,7 @@ selinux_set_callback(int type, union selinux_callback cb)
|
|
|
7d2fd3 |
{
|
|
|
7d2fd3 |
switch (type) {
|
|
|
7d2fd3 |
case SELINUX_CB_LOG:
|
|
|
7d2fd3 |
- selinux_log = cb.func_log;
|
|
|
7d2fd3 |
+ selinux_log_direct = cb.func_log;
|
|
|
7d2fd3 |
break;
|
|
|
7d2fd3 |
case SELINUX_CB_AUDIT:
|
|
|
7d2fd3 |
selinux_audit = cb.func_audit;
|
|
|
7d2fd3 |
@@ -106,7 +108,7 @@ selinux_get_callback(int type)
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
switch (type) {
|
|
|
7d2fd3 |
case SELINUX_CB_LOG:
|
|
|
7d2fd3 |
- cb.func_log = selinux_log;
|
|
|
7d2fd3 |
+ cb.func_log = selinux_log_direct;
|
|
|
7d2fd3 |
break;
|
|
|
7d2fd3 |
case SELINUX_CB_AUDIT:
|
|
|
7d2fd3 |
cb.func_audit = selinux_audit;
|
|
|
7d2fd3 |
diff --git a/libselinux/src/callbacks.h b/libselinux/src/callbacks.h
|
|
|
7d2fd3 |
index 03d87f0cbdfe..f4dab15789f9 100644
|
|
|
7d2fd3 |
--- a/libselinux/src/callbacks.h
|
|
|
7d2fd3 |
+++ b/libselinux/src/callbacks.h
|
|
|
7d2fd3 |
@@ -10,9 +10,11 @@
|
|
|
7d2fd3 |
#include <string.h>
|
|
|
7d2fd3 |
#include <selinux/selinux.h>
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
+#include "selinux_internal.h"
|
|
|
7d2fd3 |
+
|
|
|
7d2fd3 |
/* callback pointers */
|
|
|
7d2fd3 |
extern int __attribute__ ((format(printf, 2, 3)))
|
|
|
7d2fd3 |
-(*selinux_log) (int type, const char *, ...) ;
|
|
|
7d2fd3 |
+(*selinux_log_direct) (int type, const char *, ...) ;
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
extern int
|
|
|
7d2fd3 |
(*selinux_audit) (void *, security_class_t, char *, size_t) ;
|
|
|
7d2fd3 |
@@ -26,4 +28,13 @@ extern int
|
|
|
7d2fd3 |
extern int
|
|
|
7d2fd3 |
(*selinux_netlink_policyload) (int seqno) ;
|
|
|
7d2fd3 |
|
|
|
7d2fd3 |
+/* Thread-safe selinux_log() function */
|
|
|
7d2fd3 |
+extern pthread_mutex_t log_mutex;
|
|
|
7d2fd3 |
+
|
|
|
7d2fd3 |
+#define selinux_log(type, ...) do { \
|
|
|
7d2fd3 |
+ __pthread_mutex_lock(&log_mutex); \
|
|
|
7d2fd3 |
+ selinux_log_direct(type, __VA_ARGS__); \
|
|
|
7d2fd3 |
+ __pthread_mutex_unlock(&log_mutex); \
|
|
|
7d2fd3 |
+} while(0)
|
|
|
7d2fd3 |
+
|
|
|
7d2fd3 |
#endif /* _SELINUX_CALLBACKS_H_ */
|
|
|
7d2fd3 |
--
|
|
|
7d2fd3 |
2.33.1
|
|
|
7d2fd3 |
|