Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kauth and sched_{get,set}param

David Laight wrote:
On Fri, Feb 01, 2008 at 04:23:14PM +0200, Elad Efrat wrote:
That said, the call to the kauth authorization wrapper is still done
with p_smutex held. For example in sys__sched_setparam(), the logic is

        p = p_find(pid, PFIND_UNLOCK_FAIL);

so I don't see how we can call kauth with p without having either
proclist_list or p_smutex held.

It is likely to be almost impossible to ever have a kernel where
the kauth functions are allowed to sleep.
Not least because many of the check have to be atomic wrt data that
other threads/processes can change.

Yeah - unfortunately. I think we used to have a diagnostic check to tell
us where we're calling kauth authorization wrappers when we're not
allowed to sleep, but like you can guess it was quickly removed.

Ideally, we'd like listeners to be able to sleep, so that decision
making can take place in userland. That's, like you mention, however,
is going to be almost impossible to achieve.

I guess/hope at some point we'll get back to this issue and look for a
way to handle it. :)


Home | Main Index | Thread Index | Old Index