git: b330170c75fb - stable/13 - p_cansee(9): Bring up-to-date, misc fixes

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Olivier Certner <olce_at_FreeBSD.org>
Date: Thu, 21 Dec 2023 13:43:34 UTC
The branch stable/13 has been updated by olce:

URL: https://cgit.FreeBSD.org/src/commit/?id=b330170c75fb02273c4536a6e0274e5e8eaad622

commit b330170c75fb02273c4536a6e0274e5e8eaad622
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:43 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2023-12-21 13:37:16 +0000

    p_cansee(9): Bring up-to-date, misc fixes
    
    Essentially defer to cr_cansee(9), except for the specifics.
    
    Be more specific on the return codes.
    
    Reviewed by:            bcr, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40637
    
    (cherry picked from commit 2ede38aff5d4c91a17ab6d093f2e8cce24b5418b)
    
    Approved by:    markj (mentor)
---
 share/man/man9/p_cansee.9 | 44 ++++++++++++++++----------------------------
 1 file changed, 16 insertions(+), 28 deletions(-)

diff --git a/share/man/man9/p_cansee.9 b/share/man/man9/p_cansee.9
index 84287dac951b..9fdce460dfea 100644
--- a/share/man/man9/p_cansee.9
+++ b/share/man/man9/p_cansee.9
@@ -24,19 +24,18 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt P_CANSEE 9
 .Os
 .Sh NAME
 .Nm p_cansee
 .Nd determine visibility of a process
 .Sh SYNOPSIS
-.In sys/param.h
 .In sys/proc.h
 .Ft int
 .Fn p_cansee "struct thread *td" "struct proc *p"
 .Sh DESCRIPTION
-This function can be used to determine if a given process
+This function determines if a given process
 .Fa p
 is visible to the thread
 .Fa td ,
@@ -45,13 +44,14 @@ where the notion of
 may be read as
 .Dq "awareness of existence" .
 .Pp
-The function is implemented using
-.Xr cr_cansee 9 ,
-and the dependencies on
-.Xr sysctl 8
-variables documented in the
-.Xr cr_cansee 9
-manual page apply.
+This function explicitly allows a thread to always see its own process,
+even with pending credentials changes
+.Po
+see
+.Xr ucred 9
+.Pc .
+Otherwise, it simply defers to
+.Xr cr_cansee 9 .
 .Sh RETURN VALUES
 The
 .Fn p_cansee
@@ -62,30 +62,18 @@ if the process denoted by
 .Fa p
 is visible by thread
 .Fa td ,
-or a non-zero error return value otherwise.
+or ESRCH otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
 .It Bq Er ESRCH
-Process
-.Fa p
-is not visible to thread
-.Fa td
-as determined by
-.Xr cr_cansee 9 .
-.It Bq Er ESRCH
 Thread
 .Fa td
-has been jailed and process
+is not part of process
 .Fa p
-does not belong to the same jail as
-.Fa td .
-.It Bq Er ESRCH
-The MAC subsystem denied visibility.
+and cannot see it as determined by
+.Xr cr_cansee 9 .
 .El
 .Sh SEE ALSO
-.Xr jail 2 ,
-.Xr sysctl 8 ,
+.Xr ucred 9 ,
 .Xr cr_cansee 9 ,
-.Xr mac 9 ,
-.Xr p_candebug 9 ,
-.Xr prison_check 9
+.Xr p_candebug 9