Re: Socket credentials (take 2)

[yamt%mwd.biglobe.ne.jp@localhost (YAMAMOTO Takashi)]

> On Mon, Apr 27, 2009 at 3:13 AM, YAMAMOTO Takashi
> <yamt%mwd.biglobe.ne.jp@localhost> wrote:
>> hi,
>>
>>> Hi,
>>>
>>> A while ago I proposed to add credentials to sockets. Looking back at
>>> the thread:
>>>
>>>     http://mail-index.netbsd.org/tech-kern/2006/07/21/0002.html
>>>
>>> I see there were no objections, yet the thread just died.
>>>
>>> I would like to add them now.
>>
>> have you sorted out the "calling kauth_cred_free() in interrupt context"
>> problem since then?
> 
> I didn't touch the code, but can you remind me what was the problem?
> 
> More specifically, is there an issue with the current code when we'll
> be freeing (on refcount == 0) a kauth_cred_t in interrupt context?

yes.  it can sleep.

> if
> yes, can we determine we're in an interrupt context and perhaps
> implement some kind of "garbage collection" (mark the kauth_cred_t for
> freeing, put it in some queue)?

it can work, but sounds like an undesirable hack...

> or is there a different solution? or
> am I missing the problem? :)

i doubt if sodisconnect is the right place to free the credential.
(i think i said this before.)
is sodisconnect called for all sockets, even for non-connected ones?
are you sure that so_cred will never be used after sodisconnect?
i guess that it's better to write something which actually use so_cred
before commiting the patch.

YAMAMOTO Takashi

> 
> Thanks,
> 
> -e.