From owner-freebsd-arch@FreeBSD.ORG Tue May 14 19:21:16 2013 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 3E36CBD5; Tue, 14 May 2013 19:21:16 +0000 (UTC) (envelope-from jilles@stack.nl) Received: from mx1.stack.nl (relay02.stack.nl [IPv6:2001:610:1108:5010::104]) by mx1.freebsd.org (Postfix) with ESMTP id 076563F6; Tue, 14 May 2013 19:21:16 +0000 (UTC) Received: from snail.stack.nl (snail.stack.nl [IPv6:2001:610:1108:5010::131]) by mx1.stack.nl (Postfix) with ESMTP id 655763592DC; Tue, 14 May 2013 21:21:15 +0200 (CEST) Received: by snail.stack.nl (Postfix, from userid 1677) id 4F22F28493; Tue, 14 May 2013 21:21:15 +0200 (CEST) Date: Tue, 14 May 2013 21:21:15 +0200 From: Jilles Tjoelker To: John Baldwin Subject: Re: Extending MADV_PROTECT Message-ID: <20130514192115.GA34869@stack.nl> References: <201305071433.27993.jhb@freebsd.org> <201305090814.52166.jhb@freebsd.org> <20130509123147.GT3047@kib.kiev.ua> <201305101535.50633.jhb@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <201305101535.50633.jhb@freebsd.org> User-Agent: Mutt/1.5.21 (2010-09-15) Cc: Konstantin Belousov , arch@freebsd.org X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 May 2013 19:21:16 -0000 On Fri, May 10, 2013 at 03:35:50PM -0400, John Baldwin wrote: > [snip] > +int > +kern_procctl(struct thread *td, idtype_t idtype, id_t id, u_long com, > + void *data) > +{ > [snip] > + case P_PGID: > + /* > + * Attempt to apply the operation to all members of the > + * group. Ignore processes in the group that can't be > + * seen. Stop on the first error encountered. > + */ > + pg = pgfind(id); > + if (pg == NULL) { > + error = ESRCH; > + break; > + } > + PGRP_UNLOCK(pg); > + error = ESRCH; > + LIST_FOREACH(p, &pg->pg_members, p_pglist) { > + PROC_LOCK(p); > + if (p->p_state == PRS_NEW || > + p_cansee(td, p) != 0) { > + PROC_UNLOCK(p); > + continue; > + } > + error = kern_procctl_single(td, p, com, data); > + PROC_UNLOCK(p); > + if (error) > + break; > + } > + break; I think it does not really make sense that the set of affected processes depends on the order in &pg->pg_members. Comparing other functions, kill() returns success if it could signal any process (even it could not signal other processes matched by the argument). This is also most consistent with general POSIX/Unix philosophy that a function only fails if it committed no change (but there are various places where this is not the case). On the other hand, setpriority() affects all matches processes it can but returns an error if any one fails, even if some other process was affected. All this is not very important for process protection because it requires root privileges anyway but future procctl commands may well be accessible to normal users (I'm thinking of avoiding proliferation of pd* calls in particular). -- Jilles Tjoelker