Date: Sat, 29 Jan 2011 12:48:39 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 188308 for review Message-ID: <201101291248.p0TCmd2u015363@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@188308?ac=10 Change 188308 by trasz@trasz_victim on 2011/01/29 12:48:07 In addition to preventing one from adding per-process rules for system processes, also don't link other rules to system processes. Also, we don't need to PROC_LOCK() just to change for P_SYSTEM. Affected files ... .. //depot/projects/soc2009/trasz_limits/sys/kern/kern_rctl.c#24 edit Differences ... ==== //depot/projects/soc2009/trasz_limits/sys/kern/kern_rctl.c#24 (text+ko) ==== @@ -935,16 +935,6 @@ rusage_is_sloppy(rule->rr_resource)) return (EINVAL); - if (rule->rr_subject_type == RCTL_SUBJECT_TYPE_PROCESS) { - p = rule->rr_subject.rs_proc; - PROC_LOCK(p); - if (p->p_flag & P_SYSTEM) { - PROC_UNLOCK(p); - return (EINVAL); - } - PROC_UNLOCK(p); - } - /* * Make sure there are no duplicated rules. Also, for the "deny" * rules, remove ones differing only by "amount". @@ -961,6 +951,12 @@ case RCTL_SUBJECT_TYPE_PROCESS: p = rule->rr_subject.rs_proc; KASSERT(p != NULL, ("rctl_rule_add: NULL proc")); + /* + * No resource limits for system processes. + */ + if (p->p_flag & P_SYSTEM) + return (EINVAL); + rctl_container_add_rule(p->p_container, rule); /* * In case of per-process rule, we don't have anything more @@ -997,6 +993,8 @@ */ sx_assert(&allproc_lock, SA_LOCKED); FOREACH_PROC_IN_SYSTEM(p) { + if (p->p_flag & P_SYSTEM) + continue; cred = p->p_ucred; switch (rule->rr_subject_type) { case RCTL_SUBJECT_TYPE_USER: @@ -1233,13 +1231,10 @@ error = EINVAL; goto out; } - PROC_LOCK(p); if (p->p_flag & P_SYSTEM) { - PROC_UNLOCK(p); error = EINVAL; goto out; } - PROC_UNLOCK(p); outputsbuf = rctl_container_to_sbuf(p->p_container, 0); break; case RCTL_SUBJECT_TYPE_USER:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201101291248.p0TCmd2u015363>