Uploaded image for project: 'Core ReactOS'
  1. Core ReactOS
  2. CORE-11966

[PATCH] Fix lock/unlock order in SeLockSubjectContext/SeUnlockSubjectContext (72642)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Fix Version/s: 0.4.3
    • Component/s: None
    • Labels:

      Description

      Hello,

      I noticed that the lock/unlock order done by functions SeLockSubjectContext/SeUnlockSubjectContext is incorrect:

      SeLockSubjectContext locks in the following order:

      SepAcquireTokenLockShared(PrimaryToken);
      SepAcquireTokenLockShared(ClientToken);

      SeUnlockSubjectContext unlocks in the following order:

      SepReleaseTokenLock(PrimaryToken);
      SepReleaseTokenLock(ClientToken);

      As you can see in SeUnlockSubjectContext there is a problem with lock order, because it should be inversed:

      SepReleaseTokenLock(ClientToken);
      SepReleaseTokenLock(PrimaryToken);

      The general rule of thumb to prevent deadlocks is:
      1. Use locks in the same order when multiple locks are involved
      2. When unlocking unlock them in inverse order, for example

      Correct usage:

      Lock A
      Lock B
      Lock C
      [...]
      Unlock C
      Unlock B
      Unlock A

      Incorrect usage:

      Lock A
      Lock B
      Lock C
      [...]
      Unlock A
      Unlock C
      Unlock B

      The attached patch fixes the problem. I've tested it in debugger to make sure that the locks execute in the correct order and there are no deadlocks present.

        Attachments

          Activity

            People

            • Assignee:
              ekohl ekohl
              Reporter:
              vshcherbyna vshcherbyna
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: