diff options
| author | Tom Cherry <tomcherry@google.com> | 2017-07-26 13:02:55 -0700 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2017-07-26 16:23:04 -0400 |
| commit | 00548bd9b6f0db071d63b594daf3d6cc6a2bfce6 (patch) | |
| tree | c2a1fbfcef73bd51fcc92d4fb6cbc809aa135faa /libselinux/src/mapping.h | |
| parent | 7803c8ca99469efb16b7b8a27201e09ef4e1a5be (diff) | |
| download | android_external_selinux-00548bd9b6f0db071d63b594daf3d6cc6a2bfce6.tar.gz android_external_selinux-00548bd9b6f0db071d63b594daf3d6cc6a2bfce6.tar.bz2 android_external_selinux-00548bd9b6f0db071d63b594daf3d6cc6a2bfce6.zip | |
libselinux: fix thread safety issues with lookup_common()
There are two problems with lookup_common() and therefore
selabel_lookup() and related functions that this patch fixes:
1) A race with the lazy compilation of regexes. Since the struct
regex_data is allocated and assigned immediately to the parent struct
spec, it's possible for a second thread to see that this pointer is
non-NULL before the regex compilation has finished. This typically
results in a -1 return from selabel_lookup() with ENOENT as errno.
This is fixed by adding synchronization in compile_regex().
2) A race with PCRE2 regex_match(). A struct pcre2_match_data is
created once and used for all regex matches for a given regex. This
is problematic if two threads are attempting to evaluate the same
regex simultaneously. This typically results in a successful return
from selabel_lookup() but with an erroneous selabel.
This is fixed by adding a pthread_mutex within regex_match() for
PCRE2. Note, on my system, creating new matchdata takes roughly an
order of magnitude more time than locking a non-contended
pthread_mutex. I don't believe programs will have enough contention
on this lock to justify that cost.
Bug: 63861738
Test: ueventd unit tests
Change-Id: I13bf782d81d0a0b896d444e396f307ad0dbacb6a
Diffstat (limited to 'libselinux/src/mapping.h')
0 files changed, 0 insertions, 0 deletions