Date: Mon, 07 Oct 2002 14:54:40 -0400 (EDT)
From: John Baldwin <jhb@FreeBSD.org>
To: Don Lewis <dl-freebsd@catspoiler.org>
Cc: arch@FreeBSD.ORG, jmallett@FreeBSD.ORG
Subject: Re: [jmallett@FreeBSD.org: [PATCH] Reliable signal queues, etc.,
Message-ID: <XFMail.20021007145440.jhb@FreeBSD.org>
In-Reply-To: <200210050929.g959T1vU023691@gw.catspoiler.org>
On 05-Oct-2002 Don Lewis wrote:
> On 5 Oct, Juli Mallett wrote:
>> * From: Don Lewis <dl-freebsd@catspoiler.org> [ Date: 2002-10-05 ]
>> [ Subject: Re: [jmallett@FreeBSD.org: [PATCH] Reliable signal queues, etc., [for review]] ]
>>> On 5 Oct, Juli Mallett wrote:
>>> > To
>>> > accommodate situations where allocation of a 'ksiginfo' is a failure
>>> > mode (no memory), the destination process is told to exit via a new
>>> > member of 'struct proc', p_suicide, which tells a process to kill itself
>>> > next time it goes through userret.
>>>
>>> I hope that doesn't happen when I fg my editor ...
>>
>> In this situation (can't allocate 64 bytes) you're screwed if you have an
>> editor in the background, coming to the foreground, anyway.
>
> A lot of things that receive SIGCHLD, such as shells and inetd could
> also be affected by a temporary shortage of kmem.
>
> Somehow it seems wasteful to have to allocate kmem to deliver SIGKILL.
>
> How is an ordinary userland program prevented from consuming all of kmem
> by blocking signal delivery and looping on kill()? Does a quota system
> need to be added?
>
> The following code never sets error to anything other than zero. It
> also looks like it is missing a return statement for the malloc() failed
> case.
>
> +int
> +ksiginfo_alloc(struct ksiginfo **ksip, struct proc *p, int signo)
> +{
> + int error;
> + struct ksiginfo *ksi;
> +
> + error = 0;
> +
> + PROC_LOCK_ASSERT(p, MA_NOTOWNED);
> + ksi = malloc(sizeof *ksi, M_KSIGINFO, M_ZERO | M_NOWAIT);
> + if (ksi == NULL) {
> + PROC_LOCK(p);
> + p->p_suicide = 1;
> + PROC_UNLOCK(p);
> + }
> + ksi->ksi_signo = signo;
> + if (curproc != NULL) {
> + ksi->ksi_pid = curproc->p_pid;
> + ksi->ksi_ruid = curproc->p_ucred->cr_uid;
This is not safe w/o proc lock held. Probably should be using
curthread and td_ucred instead. Also, curproc cannot be NULL in
current.
> + }
> + *ksip = ksi;
> + return (error);
> +}
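Review bot: the `if (ksi == NULL)` branch does not return after `PROC_UNLOCK(p)`, so with `M_NOWAIT` an allocation failure falls straight through to `ksi->ksi_signo = signo` and dereferences a NULL pointer in the kernel. Set `error = ENOMEM` and `return (error)` inside that branch before any use of `ksi`, and leave `*ksip` unset or NULL there; as written `error` is only ever assigned 0, so a caller cannot distinguish a failed allocation from success even once the fall-through is fixed.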
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-arch" in the body of the message
--
John Baldwin <jhb@FreeBSD.org> <>< http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/
