Subject: Re: kauth and sched_{get,set}param
To: Mindaugas R. <juan@xtrarom.org>
From: Elad Efrat <elad@NetBSD.org>
List: current-users
Date: 02/01/2008 21:40:04
David Laight wrote:
> On Fri, Feb 01, 2008 at 04:23:14PM +0200, Elad Efrat wrote:
>> That said, the call to the kauth authorization wrapper is still done
>> with p_smutex held. For example in sys__sched_setparam(), the logic is
>>
>> 	p = p_find(pid, PFIND_UNLOCK_FAIL);
>> 	mutex_enter(&p->p_smutex);
>> 	mutex_exit(&proclist_lock);
>>
>> so I don't see how we can call kauth with p without having either
>> proclist_list or p_smutex held.
> 
> It is likely to be almost impossible to ever have a kernel where
> the kauth functions are allowed to sleep.
> Not least because many of the checks have to be atomic wrt data that
> other threads/processes can change.

Yeah - unfortunately. I think we used to have a diagnostic check to tell
us where we're calling kauth authorization wrappers when we're not
allowed to sleep, but, like you can guess, it was quickly removed.

Ideally, we'd like listeners to be able to sleep, so that decision
making can take place in userland. That, like you mention, however,
is going to be almost impossible to achieve.

I guess/hope at some point we'll get back to this issue and look for a
way to handle it. :)

-e.