Make process descriptors standard part of the kernel. rwhod(8) already
requires process descriptors to work and having PROCDESC in GENERIC seems not enough, especially that we hope to have more and more consumers in the base. MFC after: 3 days
This commit is contained in:
parent
38fb2a0d9d
commit
4ac2e7d8d9
@ -125,12 +125,6 @@ is set; if the process is still alive and this is
|
||||
the last reference to the process descriptor, the process will be terminated
|
||||
with the signal
|
||||
.Dv SIGKILL .
|
||||
.Pp
|
||||
.Nm
|
||||
and associated functions depend on
|
||||
.Cd "options PROCDESC"
|
||||
described in
|
||||
.Xr procdesc 4 .
|
||||
.Sh RETURN VALUES
|
||||
.Fn pdfork
|
||||
returns a PID, 0 or -1, as
|
||||
|
@ -35,7 +35,6 @@
|
||||
.Sh SYNOPSIS
|
||||
.Cd "options CAPABILITY_MODE"
|
||||
.Cd "options CAPABILITIES"
|
||||
.Cd "options PROCDESC"
|
||||
.Sh DESCRIPTION
|
||||
.Nm
|
||||
is a lightweight OS capability and sandbox framework implementing a hybrid
|
||||
|
@ -35,8 +35,6 @@
|
||||
.Sh NAME
|
||||
.Nm procdesc
|
||||
.Nd process descriptor facility
|
||||
.Sh SYNOPSIS
|
||||
.Cd "options PROCDESC"
|
||||
.Sh DESCRIPTION
|
||||
.Nm
|
||||
is a file-descriptor-oriented interface to process signalling and control,
|
||||
|
@ -66,7 +66,6 @@ options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
|
||||
options AUDIT # Security event auditing
|
||||
options CAPABILITY_MODE # Capsicum capability mode
|
||||
options CAPABILITIES # Capsicum capabilities
|
||||
options PROCDESC # Support for process descriptors
|
||||
options MAC # TrustedBSD MAC Framework
|
||||
options KDTRACE_FRAME # Ensure frames are compiled in
|
||||
options KDTRACE_HOOKS # Kernel DTrace hooks
|
||||
|
@ -1167,9 +1167,6 @@ options MAC_TEST
|
||||
options CAPABILITIES # fine-grained rights on file descriptors
|
||||
options CAPABILITY_MODE # sandboxes with no global namespace access
|
||||
|
||||
# Support for process descriptors
|
||||
options PROCDESC
|
||||
|
||||
|
||||
#####################################################################
|
||||
# CLOCK OPTIONS
|
||||
|
@ -165,7 +165,6 @@ PPC_DEBUG opt_ppc.h
|
||||
PPC_PROBE_CHIPSET opt_ppc.h
|
||||
PPS_SYNC opt_ntp.h
|
||||
PREEMPTION opt_sched.h
|
||||
PROCDESC opt_procdesc.h
|
||||
QUOTA
|
||||
SCHED_4BSD opt_sched.h
|
||||
SCHED_STATS opt_sched.h
|
||||
|
@ -67,7 +67,6 @@ options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
|
||||
options AUDIT # Security event auditing
|
||||
options CAPABILITY_MODE # Capsicum capability mode
|
||||
options CAPABILITIES # Capsicum capabilities
|
||||
options PROCDESC # Support for process descriptors
|
||||
options MAC # TrustedBSD MAC Framework
|
||||
options KDTRACE_HOOKS # Kernel DTrace hooks
|
||||
options DDB_CTF # Kernel ELF linker loads CTF data
|
||||
|
@ -46,7 +46,6 @@ options NFS_ROOT # NFS usable as root device
|
||||
options P1003_1B_SEMAPHORES # POSIX-style semaphores
|
||||
options PREEMPTION # Enable kernel thread preemption
|
||||
options PRINTF_BUFR_SIZE=128 # Printf buffering to limit interspersion
|
||||
options PROCDESC # Support for process descriptors
|
||||
options PROCFS # Process filesystem (/proc)
|
||||
options PSEUDOFS # Pseudo-filesystem framework
|
||||
options SCHED_ULE # ULE scheduler
|
||||
|
@ -41,7 +41,6 @@ __FBSDID("$FreeBSD$");
|
||||
#include "opt_compat.h"
|
||||
#include "opt_ddb.h"
|
||||
#include "opt_ktrace.h"
|
||||
#include "opt_procdesc.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
@ -3115,11 +3114,9 @@ sysctl_kern_proc_ofiledesc(SYSCTL_HANDLER_ARGS)
|
||||
tp = fp->f_data;
|
||||
break;
|
||||
|
||||
#ifdef PROCDESC
|
||||
case DTYPE_PROCDESC:
|
||||
kif->kf_type = KF_TYPE_PROCDESC;
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
kif->kf_type = KF_TYPE_UNKNOWN;
|
||||
@ -3485,12 +3482,10 @@ kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen)
|
||||
data = fp->f_data;
|
||||
break;
|
||||
|
||||
#ifdef PROCDESC
|
||||
case DTYPE_PROCDESC:
|
||||
type = KF_TYPE_PROCDESC;
|
||||
data = fp->f_data;
|
||||
break;
|
||||
#endif
|
||||
|
||||
default:
|
||||
type = KF_TYPE_UNKNOWN;
|
||||
|
@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_compat.h"
|
||||
#include "opt_ktrace.h"
|
||||
#include "opt_procdesc.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
@ -500,9 +499,7 @@ exit1(struct thread *td, int rv)
|
||||
* procdesc_exit() to serialize concurrent calls to close() and
|
||||
* exit().
|
||||
*/
|
||||
#ifdef PROCDESC
|
||||
if (p->p_procdesc == NULL || procdesc_exit(p)) {
|
||||
#endif
|
||||
/*
|
||||
* Notify parent that we're gone. If parent has the
|
||||
* PS_NOCLDWAIT flag set, or if the handler is set to SIG_IGN,
|
||||
@ -539,10 +536,8 @@ exit1(struct thread *td, int rv)
|
||||
else /* LINUX thread */
|
||||
kern_psignal(p->p_pptr, p->p_sigparent);
|
||||
}
|
||||
#ifdef PROCDESC
|
||||
} else
|
||||
PROC_LOCK(p->p_pptr);
|
||||
#endif
|
||||
sx_xunlock(&proctree_lock);
|
||||
|
||||
/*
|
||||
@ -807,10 +802,8 @@ proc_reap(struct thread *td, struct proc *p, int *status, int options)
|
||||
clear_orphan(p);
|
||||
PROC_UNLOCK(p);
|
||||
leavepgrp(p);
|
||||
#ifdef PROCDESC
|
||||
if (p->p_procdesc != NULL)
|
||||
procdesc_reap(p);
|
||||
#endif
|
||||
sx_xunlock(&proctree_lock);
|
||||
|
||||
/*
|
||||
|
@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_ktrace.h"
|
||||
#include "opt_kstack_pages.h"
|
||||
#include "opt_procdesc.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
@ -118,7 +117,6 @@ sys_pdfork(td, uap)
|
||||
struct thread *td;
|
||||
struct pdfork_args *uap;
|
||||
{
|
||||
#ifdef PROCDESC
|
||||
int error, fd;
|
||||
struct proc *p2;
|
||||
|
||||
@ -135,9 +133,6 @@ sys_pdfork(td, uap)
|
||||
error = copyout(&fd, uap->fdp, sizeof(fd));
|
||||
}
|
||||
return (error);
|
||||
#else
|
||||
return (ENOSYS);
|
||||
#endif
|
||||
}
|
||||
|
||||
/* ARGSUSED */
|
||||
@ -655,7 +650,6 @@ do_fork(struct thread *td, int flags, struct proc *p2, struct thread *td2,
|
||||
p2->p_vmspace->vm_ssize);
|
||||
}
|
||||
|
||||
#ifdef PROCDESC
|
||||
/*
|
||||
* Associate the process descriptor with the process before anything
|
||||
* can happen that might cause that process to need the descriptor.
|
||||
@ -663,7 +657,6 @@ do_fork(struct thread *td, int flags, struct proc *p2, struct thread *td2,
|
||||
*/
|
||||
if (flags & RFPROCDESC)
|
||||
procdesc_new(p2, pdflags);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Both processes are set up, now check if any loadable modules want
|
||||
@ -758,9 +751,7 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
int error;
|
||||
static int curfail;
|
||||
static struct timeval lastfail;
|
||||
#ifdef PROCDESC
|
||||
struct file *fp_procdesc = NULL;
|
||||
#endif
|
||||
|
||||
/* Check for the undefined or unimplemented flags. */
|
||||
if ((flags & ~(RFFLAGS | RFTSIGFLAGS(RFTSIGMASK))) != 0)
|
||||
@ -778,7 +769,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
if ((flags & RFTSIGZMB) != 0 && (u_int)RFTSIGNUM(flags) > _SIG_MAXSIG)
|
||||
return (EINVAL);
|
||||
|
||||
#ifdef PROCDESC
|
||||
if ((flags & RFPROCDESC) != 0) {
|
||||
/* Can't not create a process yet get a process descriptor. */
|
||||
if ((flags & RFPROC) == 0)
|
||||
@ -788,7 +778,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
if (procdescp == NULL)
|
||||
return (EINVAL);
|
||||
}
|
||||
#endif
|
||||
|
||||
p1 = td->td_proc;
|
||||
|
||||
@ -801,7 +790,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
return (fork_norfproc(td, flags));
|
||||
}
|
||||
|
||||
#ifdef PROCDESC
|
||||
/*
|
||||
* If required, create a process descriptor in the parent first; we
|
||||
* will abandon it if something goes wrong. We don't finit() until
|
||||
@ -812,7 +800,6 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
if (error != 0)
|
||||
return (error);
|
||||
}
|
||||
#endif
|
||||
|
||||
mem_charged = 0;
|
||||
vm2 = NULL;
|
||||
@ -919,12 +906,10 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
* Return child proc pointer to parent.
|
||||
*/
|
||||
*procp = newproc;
|
||||
#ifdef PROCDESC
|
||||
if (flags & RFPROCDESC) {
|
||||
procdesc_finit(newproc->p_procdesc, fp_procdesc);
|
||||
fdrop(fp_procdesc, td);
|
||||
}
|
||||
#endif
|
||||
racct_proc_fork_done(newproc);
|
||||
return (0);
|
||||
}
|
||||
@ -944,12 +929,10 @@ fork1(struct thread *td, int flags, int pages, struct proc **procp,
|
||||
if (vm2 != NULL)
|
||||
vmspace_free(vm2);
|
||||
uma_zfree(proc_zone, newproc);
|
||||
#ifdef PROCDESC
|
||||
if ((flags & RFPROCDESC) != 0 && fp_procdesc != NULL) {
|
||||
fdclose(td->td_proc->p_fd, fp_procdesc, *procdescp, td);
|
||||
fdrop(fp_procdesc, td);
|
||||
}
|
||||
#endif
|
||||
pause("fork", hz / 2);
|
||||
return (error);
|
||||
}
|
||||
|
@ -40,7 +40,6 @@ __FBSDID("$FreeBSD$");
|
||||
#include "opt_compat.h"
|
||||
#include "opt_ktrace.h"
|
||||
#include "opt_core.h"
|
||||
#include "opt_procdesc.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/systm.h>
|
||||
@ -1723,7 +1722,6 @@ sys_pdkill(td, uap)
|
||||
struct thread *td;
|
||||
struct pdkill_args *uap;
|
||||
{
|
||||
#ifdef PROCDESC
|
||||
struct proc *p;
|
||||
cap_rights_t rights;
|
||||
int error;
|
||||
@ -1743,9 +1741,6 @@ sys_pdkill(td, uap)
|
||||
kern_psignal(p, uap->signum);
|
||||
PROC_UNLOCK(p);
|
||||
return (error);
|
||||
#else
|
||||
return (ENOSYS);
|
||||
#endif
|
||||
}
|
||||
|
||||
#if defined(COMPAT_43)
|
||||
|
@ -61,8 +61,6 @@
|
||||
#include <sys/cdefs.h>
|
||||
__FBSDID("$FreeBSD$");
|
||||
|
||||
#include "opt_procdesc.h"
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/capability.h>
|
||||
#include <sys/fcntl.h>
|
||||
@ -85,8 +83,6 @@ __FBSDID("$FreeBSD$");
|
||||
|
||||
#include <vm/uma.h>
|
||||
|
||||
#ifdef PROCDESC
|
||||
|
||||
FEATURE(process_descriptors, "Process Descriptors");
|
||||
|
||||
static uma_zone_t procdesc_zone;
|
||||
@ -522,14 +518,3 @@ procdesc_chown(struct file *fp, uid_t uid, gid_t gid, struct ucred *active_cred,
|
||||
|
||||
return (EOPNOTSUPP);
|
||||
}
|
||||
|
||||
#else /* !PROCDESC */
|
||||
|
||||
int
|
||||
sys_pdgetpid(struct thread *td, struct pdgetpid_args *uap)
|
||||
{
|
||||
|
||||
return (ENOSYS);
|
||||
}
|
||||
|
||||
#endif /* PROCDESC */
|
||||
|
@ -65,7 +65,6 @@ options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
|
||||
options AUDIT # Security event auditing
|
||||
options CAPABILITY_MODE # Capsicum capability mode
|
||||
options CAPABILITIES # Capsicum capabilities
|
||||
options PROCDESC # Support for process descriptors
|
||||
options MAC # TrustedBSD MAC Framework
|
||||
options INCLUDE_CONFIG_FILE # Include this file in kernel
|
||||
options KDB # Kernel debugger related code
|
||||
|
@ -70,7 +70,6 @@ options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
|
||||
options AUDIT # Security event auditing
|
||||
options CAPABILITY_MODE # Capsicum capability mode
|
||||
options CAPABILITIES # Capsicum capabilities
|
||||
options PROCDESC # Support for process descriptors
|
||||
options MAC # TrustedBSD MAC Framework
|
||||
options KDTRACE_HOOKS # Kernel DTrace hooks
|
||||
options DDB_CTF # Kernel ELF linker loads CTF data
|
||||
|
@ -63,7 +63,6 @@ options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4)
|
||||
options AUDIT # Security event auditing
|
||||
options CAPABILITY_MODE # Capsicum capability mode
|
||||
options CAPABILITIES # Capsicum capabilities
|
||||
options PROCDESC # Support for process descriptors
|
||||
options MAC # TrustedBSD MAC Framework
|
||||
options INCLUDE_CONFIG_FILE # Include this file in kernel
|
||||
|
||||
|
@ -281,7 +281,7 @@ main(int argc, char *argv[])
|
||||
} else if (pid_child_receiver == -1) {
|
||||
if (errno == ENOSYS) {
|
||||
syslog(LOG_ERR,
|
||||
"The pdfork(2) system call is not available; recompile the kernel with options PROCDESC");
|
||||
"The pdfork(2) system call is not available - kernel too old.");
|
||||
} else {
|
||||
syslog(LOG_ERR, "pdfork: %m");
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user