Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 27 Mar 2003 18:12:13 -0800
From:      Wes Peters <wes@softweyr.com>
To:        "Poul-Henning Kamp" <phk@phk.freebsd.dk>, Marcel Moolenaar <marcel@xcllnt.net>
Cc:        freebsd-arch@FreeBSD.ORG
Subject:   Re: Patch to protect process from pageout killing
Message-ID:  <200303271812.13745.wes@softweyr.com>
In-Reply-To: <14594.1048582113@critter.freebsd.dk>
References:  <14594.1048582113@critter.freebsd.dk>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 25 March 2003 00:48, Poul-Henning Kamp wrote:
> In message <20030325084247.GA17195@dhcp01.pn.xcllnt.net>, Marcel
> Moolenaar writes:
> >> To tackle them from behind:
> >>
> >> Wes has a proposal for #3 which is a per-process flag which says
> >> "I'm sacred".  I think that is a sound principle since that is
> >> usually exactly what people want:  Do Not Kill This Process.
> >>
> >> Certain processes already enjoy special protection, pid==1 most
> >> notably, this would just be a way to make the same protection
> >> available to other processes.  I'm not happy about using the
> >> resourcelimit code for booleans, and I don't think the flag
> >> should be inherited, but otherwise I'm for the idea.
> >
> >JFYI: On ia64 there are 12 bits in the ELF header reserved for OS
> >specific flags. A very natural way to flag a process as being sacred
> >is by flagging the ELF executable. You could use brandelf for that.
>
> Many years ago, we had a local hack so you could specify the nice(2)
> that a given program would be executed at (relative to the parent
> process) in the a.out file.  This allowed us to keep games open
> during the day because we could argue that running at -20 they used
> only resources not otherwise claimed.
>
> Other operating systems have much more expressive facilities for
> putting attributes on a program.  In some cases this is being held
> stronly against them.

You could easily implement this with an ELF executable by adding "note" 
section(s) containing the attributes in a format understood by your 
loader or linker.  A hackup of brandelf could modify the binaries in 
well-specified ways.

You could also do this with extended attributes on the executable/ 
library files.  

> I think, but am not sure, that we can now introduce practically any
> policy we might like with MAC. (NB: deliberate rwatson-trigger)
>
> How the flags/attributes gets to be set on the wanted subset of
> processes is by no means uninteresting, but until something pays
> attention to the flag...

Working on it.

-- 
         "Where am I, and what am I doing in this handbasket?"

Wes Peters                                              wes@softweyr.com




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303271812.13745.wes>