diff options
author | Andrei Vagin <avagin@google.com> | 2019-06-25 09:51:36 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2019-06-25 09:52:49 -0700 |
commit | 03ae91c662869a37ba71dd2577d4e218a3aa4669 (patch) | |
tree | c6447126fde6710b1e1cff7ea3bed1214795999e /pkg/sentry/kernel/auth | |
parent | fd16a329ce0c9fa1e7dd4c0fc1edc201f4c19571 (diff) |
gvisor: lockless read access for task credentials
Credentials are immutable and even before these changes we could read them
without locks, but we needed to take a task lock to get a credential object
from a task object.
It is possible to avoid this lock, if we will guarantee that a credential
object will not be changed after setting it on a task.
PiperOrigin-RevId: 254989492
Diffstat (limited to 'pkg/sentry/kernel/auth')
-rw-r--r-- | pkg/sentry/kernel/auth/BUILD | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/pkg/sentry/kernel/auth/BUILD b/pkg/sentry/kernel/auth/BUILD index 37cb8c8b9..42779baa9 100644 --- a/pkg/sentry/kernel/auth/BUILD +++ b/pkg/sentry/kernel/auth/BUILD @@ -4,6 +4,17 @@ load("//tools/go_generics:defs.bzl", "go_template_instance") load("//tools/go_stateify:defs.bzl", "go_library") go_template_instance( + name = "atomicptr_credentials", + out = "atomicptr_credentials.go", + package = "auth", + suffix = "Credentials", + template = "//third_party/gvsync:generic_atomicptr", + types = { + "Value": "Credentials", + }, +) + +go_template_instance( name = "id_map_range", out = "id_map_range.go", package = "auth", @@ -34,6 +45,7 @@ go_template_instance( go_library( name = "auth", srcs = [ + "atomicptr_credentials.go", "auth.go", "capability_set.go", "context.go", |