@@ -46,6 +46,15 @@ static bool selabel_no_digest;
static char *rootpath = NULL;
static int rootpathlen;
+/* Thread-safe log function for parallel restorecon */
+static pthread_mutex_t log_mutex = PTHREAD_MUTEX_INITIALIZER;
+
+#define selinux_log_sync(type, ...) do { \
+ __pthread_mutex_lock(&log_mutex); \
+ selinux_log(type, __VA_ARGS__); \
+ __pthread_mutex_unlock(&log_mutex); \
+} while(0)
+
/* Information on excluded fs and directories. */
struct edir {
char *directory;
@@ -455,7 +464,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
if (strcmp(fl->con, con) == 0)
goto unlock_1;
- selinux_log(SELINUX_ERROR,
+ selinux_log_sync(SELINUX_ERROR,
"conflicting specifications for %s and %s, using %s.\n",
file, fl->file, fl->con);
free(fl->file);
@@ -466,7 +475,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
__pthread_mutex_unlock(&fl_mutex);
if (flags->conflicterror) {
- selinux_log(SELINUX_ERROR,
+ selinux_log_sync(SELINUX_ERROR,
"treating conflicting specifications as an error.\n");
return -1;
}
@@ -497,7 +506,7 @@ oom_freefl:
free(fl);
oom:
__pthread_mutex_unlock(&fl_mutex);
- selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __func__);
+ selinux_log_sync(SELINUX_ERROR, "%s: Out of memory\n", __func__);
return -1;
unlock_1:
__pthread_mutex_unlock(&fl_mutex);
Add a thread-safe version of selinux_log() and initially use it in filespec_add(). Together with the previous patch this makes filespec_add() thread-safe, which will be utilized in subsequent patches. Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> --- libselinux/src/selinux_restorecon.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-)