Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 24 Mar 2003 22:13:35 -0800 (PST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/posix4 p1003_1b.c
Message-ID:  <200303250613.h2P6DZDB011306@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
rwatson     2003/03/24 22:13:35 PST

  FreeBSD src repository

  Modified files:        (Branch: RELENG_4)
    sys/posix4           p1003_1b.c 
  Log:
  When the p1003_1b support for monitoring with and interfering with
  the system scheduler was committed, access to these facilities was
  limited to the root user (for unclear reasons, perhaps lack of
  understanding about the potential impact of the interfacs on
  system operation, or due to bugs).  However, the JDK requires the
  ability to monitor scheduler parameters and selection for
  linux-threaded processes; a return of EPERM causes some applications
  to fail as a result (in particular, the JDK).  In 5.x-CURRENT,
  we've replaced the access control with centralized access control
  primitives, giving these interfaces controls similar to those
  applied for rtprio(), setpriority(), etc, resulting in uniform
  enforcement.
  
  In order to enable proper JDK operation for 4.8-RELEASE, work around
  the lack of proper access control by permitting the use of two
  system calls: sched_getparam() and sched_getscheduler(), for non-root
  processes when the call is made on the current process (either using
  a 0 pid argument, or curproc->p_pid).  While we're here, fix a
  bug that caused the result of the call to be returned in the
  target process, not in the subject process (ouch!), but that
  previously only affected root-owned processes.  These fixes are
  deemed to be the lowest impact approachin the release; a backport
  of the 5.x-CURRENT access control primitives might also be appropriate
  in a non-release scenario.  This fix doesn't permit the calls to
  succeed on other linuxthreads in the same linuxthread process, but
  despite those failures the JDK appears to operate properly, so
  we've opted not to broaden the scope to permit the p->p_leader ==
  targetp->p_leader case at this point.
  
  The "wrong process" return value may apply to other system calls
  due to overloading of the subject process pointer with the target
  process, but doesn't currently affect non-root processes (and is
  fairly uncommon as usually processes are interested in frobbing their
  own scheduler details, not other processes, hence it not really
  showing up before).  This should be fixed in the post 4.8-RELEASE
  time frame.  These bugs should not be present in 5.x due to
  process-locking and security-related changes made in that branch
  well prior to 5.0-RELEASE.
  
  Submitted by:                   mbr (collaborative)
  Approved by:                    re (murray)
  
  Revision  Changes    Path
  1.5.2.2   +21 -10    src/sys/posix4/p1003_1b.c

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-src" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303250613.h2P6DZDB011306>