Date: Sat, 13 Jul 2013 20:58:35 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: John Baldwin <jhb@freebsd.org> Cc: arch@freebsd.org, "Robert N. M. Watson" <rwatson@freebsd.org>, Jilles Tjoelker <jilles@stack.nl>, freebsd-arch@freebsd.org Subject: Re: Extending MADV_PROTECT Message-ID: <20130713175835.GN91021@kib.kiev.ua> In-Reply-To: <201307121748.57778.jhb@freebsd.org> References: <201305071433.27993.jhb@freebsd.org> <20130522084145.GJ3047@kib.kiev.ua> <201306281446.01797.jhb@freebsd.org> <201307121748.57778.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--JTLHU1qSfROtVZpA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 12, 2013 at 05:48:57PM -0400, John Baldwin wrote: > On Friday, June 28, 2013 2:46:01 pm John Baldwin wrote: > > Ok, there isn't really a clear consensus here, but I need a system call= to let > > me toggle this flag on existing processes. > >=20 > > One reason I don't like the procctl() approach is I am uneasy about for= cing > > a certain behavior for how commands treat pgid (first-fail vs best-effo= rt). > > I guess it can always change in the future so that isn't completely uns= olvable. > >=20 > > I guess I am fine just making it use hardcoded sizes instead of full-bl= own > > ioctl encoding. >=20 > Ok, I have updated patches for this for HEAD. I have not yet implemented= the > inheritance bits because I'm loathe to add the first bit to a p_flag2. :-P > However, if that's the best course of action I suppose we can do that. >=20 > The kernel patch is at www.freebsd.org/~jhb/patches/procctl.patch >=20 > The patch for the protect binary is at www.freebsd.org/~jhb/patches/prote= ct.patch >=20 It seems that p_cansee() is called twice, once in kern_procctl(), and then in protect_setchild(). Is AUE_WAIT6 the correct audit event id for procctl ? I thought proposing to use pget() for P_PID case in kern_procctl(), but indeed open coding of the process lookup is easier, since otherwise you would need to move proctree_lock acquisition to P_PGID. Why do you need PPROT_CLEAR ? If you do need the flag, would it be better to assign a non-zero value to it ? --JTLHU1qSfROtVZpA Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQIcBAEBAgAGBQJR4ZVKAAoJEJDCuSvBvK1B4y0QAJAbUl/UV7iJUjU7tAjWc3Cv WZDN0273hxxMmTay18YyDDAVSTN9LJUm4lzh6MCYrrtjgb7gO8/kFmZ6f2VBc8i8 oXHcQRxBd7s+foXjCj8Jzf04yU9VY79+fhb3qC9Zku4yfRQkcrhTvZorqJrrd89j It+WMQpibhZQD5MP0GRc+YmARNb2MUXcZemO9axT4QV2xv1l3C+Zq98fU+mWIG4q 4pTmi+3J4hCjT+oVzS+dczixeTk/3zQeYoaaz2PeOBRaXAlXAX6yet3N+qbVlASz zL2lgDFRiTZqMnHaej4Scv5ncPnugVRS6i//hVtgdNoQX9U5EslEp9aZQtR3bVpr ntjTjLB7Rz/1aU2LqJqtw7arBFtHAEsxvnzp+r7jMGsaVJHjY/grBqOX3nC+OtWg dEcGMnhM7+nMJY9VDolq48S5bdPzo/DsF5RBWG7p8+wMJd20eVTDm3zsS1n+FhBP pCfNOqlDfBOotq2JOK3q4eg9RIoHUF9N7FmBtzWxz/aJLKcCRHbW7iTU710A3rup YVDNFDFY85yKt5mt5ES/gMdLFMDxZlW502wNz8zzvSkZ4Iz0rdni6W2rUBShRco+ kLBEtzbkE4V3Y7+Pb07NjFR3MuE5DpVw1NdUOaLnZi2fd7s/uej4i8/AY1J/dV12 YVfCqPWItmJgWL3l8WNQ =sLAy -----END PGP SIGNATURE----- --JTLHU1qSfROtVZpA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130713175835.GN91021>