From owner-svn-src-head@freebsd.org Mon Jul 6 16:34:10 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8C84236BB1A; Mon, 6 Jul 2020 16:34:10 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4B0rkB2z0Wz4G9T; Mon, 6 Jul 2020 16:34:10 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 49A1921225; Mon, 6 Jul 2020 16:34:10 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 066GYANO087275; Mon, 6 Jul 2020 16:34:10 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 066GYAGq087274; Mon, 6 Jul 2020 16:34:10 GMT (envelope-from markj@FreeBSD.org) Message-Id: <202007061634.066GYAGq087274@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Mon, 6 Jul 2020 16:34:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r362968 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: markj X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 362968 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Jul 2020 16:34:10 -0000 Author: markj Date: Mon Jul 6 16:34:09 2020 New Revision: 362968 URL: https://svnweb.freebsd.org/changeset/base/362968 Log: Allow accesses of the caller's CPU and domain sets in capability mode. cpuset_(get|set)(affinity|domain)(2) permit a get or set of the calling thread or process' CPU and domain set in capability mode, but only when the thread or process ID is specified as -1. Extend this to cover the case where the ID actually matches the caller's TID or PID, since some code, such as our pthread_attr_get_np() implementation, always provides an explicit ID. It was not and still is not permitted to access CPU and domain sets for other threads in the same process when the process is in capability mode. This might change in the future. Submitted by: Greg V (original version) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D25552 Modified: head/sys/kern/kern_cpuset.c Modified: head/sys/kern/kern_cpuset.c ============================================================================== --- head/sys/kern/kern_cpuset.c Mon Jul 6 16:33:28 2020 (r362967) +++ head/sys/kern/kern_cpuset.c Mon Jul 6 16:34:09 2020 (r362968) @@ -1595,7 +1595,9 @@ cpuset_check_capabilities(struct thread *td, cpulevel_ return (ECAPMODE); if (which != CPU_WHICH_TID && which != CPU_WHICH_PID) return (ECAPMODE); - if (id != -1) + if (id != -1 && + !(which == CPU_WHICH_TID && id == td->td_tid) && + !(which == CPU_WHICH_PID && id == td->td_proc->p_pid)) return (ECAPMODE); } return (0);