Date:      Mon, 23 May 2011 20:59:50 +0000 (UTC)
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r222224 - head/sbin/hastd
Message-ID:  <201105232059.p4NKxoJc037495@svn.freebsd.org>

Author: pjd
Date: Mon May 23 20:59:50 2011
New Revision: 222224
URL: http://svn.freebsd.org/changeset/base/222224

Log:
  To handle BIO_FLUSH and BIO_DELETE requests in the secondary worker we need
  to use ioctl(2). This is why we can't use capsicum for now to sandbox the
  secondary. Capsicum is still used to sandbox hastctl.
  
  MFC after:	1 week

Modified:
  head/sbin/hastd/subr.c

Modified: head/sbin/hastd/subr.c
==============================================================================
--- head/sbin/hastd/subr.c	Mon May 23 20:18:09 2011	(r222223)
+++ head/sbin/hastd/subr.c	Mon May 23 20:59:50 2011	(r222224)
@@ -224,7 +224,13 @@ drop_privs(struct hast_resource *res)
 		return (-1);
 	}
 
-	if (res == NULL || res->hr_role != HAST_ROLE_PRIMARY)
+	/*
+	 * Until capsicum doesn't allow ioctl(2) we cannot use it to sandbox
+	 * primary and secondary worker processes, as primary uses GGATE
+	 * ioctls and secondary uses ioctls to handle BIO_DELETE and BIO_FLUSH.
+	 * For now capsicum is only used to sandbox hastctl.
+	 */
+	if (res == NULL)
 		capsicum = (cap_enter() == 0);
 	else
 		capsicum = false;
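Review bot: a failing cap_enter() in the `res == NULL` branch is swallowed silently; `capsicum = (cap_enter() == 0);` records the failure in the flag but nothing in this hunk reports it, so hastctl can end up running outside capability mode with no trace of why, and a log message on the failure path would make that visible. The new block comment also reads as a double negative ("Until capsicum doesn't allow ioctl(2)"); "Until capsicum allows ioctl(2)" says what is meant. Finally, `res == NULL` now stands in for "we are hastctl", which a reader only learns from the log message; a one-line comment on the condition itself would keep that convention next to the code it guards.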
