summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/kernel/auth
diff options
context:
space:
mode:
authorAndrei Vagin <avagin@google.com>2019-06-25 09:51:36 -0700
committergVisor bot <gvisor-bot@google.com>2019-06-25 09:52:49 -0700
commit03ae91c662869a37ba71dd2577d4e218a3aa4669 (patch)
treec6447126fde6710b1e1cff7ea3bed1214795999e /pkg/sentry/kernel/auth
parentfd16a329ce0c9fa1e7dd4c0fc1edc201f4c19571 (diff)
gvisor: lockless read access for task credentials
Credentials are immutable and even before these changes we could read them without locks, but we needed to take a task lock to get a credential object from a task object. It is possible to avoid this lock, if we will guarantee that a credential object will not be changed after setting it on a task. PiperOrigin-RevId: 254989492
Diffstat (limited to 'pkg/sentry/kernel/auth')
-rw-r--r--pkg/sentry/kernel/auth/BUILD12
1 files changed, 12 insertions, 0 deletions
diff --git a/pkg/sentry/kernel/auth/BUILD b/pkg/sentry/kernel/auth/BUILD
index 37cb8c8b9..42779baa9 100644
--- a/pkg/sentry/kernel/auth/BUILD
+++ b/pkg/sentry/kernel/auth/BUILD
@@ -4,6 +4,17 @@ load("//tools/go_generics:defs.bzl", "go_template_instance")
load("//tools/go_stateify:defs.bzl", "go_library")
go_template_instance(
+ name = "atomicptr_credentials",
+ out = "atomicptr_credentials.go",
+ package = "auth",
+ suffix = "Credentials",
+ template = "//third_party/gvsync:generic_atomicptr",
+ types = {
+ "Value": "Credentials",
+ },
+)
+
+go_template_instance(
name = "id_map_range",
out = "id_map_range.go",
package = "auth",
@@ -34,6 +45,7 @@ go_template_instance(
go_library(
name = "auth",
srcs = [
+ "atomicptr_credentials.go",
"auth.go",
"capability_set.go",
"context.go",