svn commit: r255731 - head/usr.bin/protect
John Baldwin
jhb at freebsd.org
Fri Sep 20 21:30:10 UTC 2013
On Friday, September 20, 2013 1:14:45 pm Sergey Kandaurov wrote:
> On 20 September 2013 20:05, John Baldwin <jhb at freebsd.org> wrote:
> > Author: jhb
> > Date: Fri Sep 20 16:05:09 2013
> > New Revision: 255731
> > URL: http://svnweb.freebsd.org/changeset/base/255731
> >
> > Log:
> > Correct stale comments.
> >
> > Approved by: re (joel)
> >
> > Modified:
> > head/usr.bin/protect/protect.1
> >
> > Modified: head/usr.bin/protect/protect.1
> >
==============================================================================
> > --- head/usr.bin/protect/protect.1 Fri Sep 20 15:57:50 2013
(r255730)
> > +++ head/usr.bin/protect/protect.1 Fri Sep 20 16:05:09 2013
(r255731)
> > @@ -83,9 +83,7 @@ Remove protection from all current and f
> > .Pp
> > .Dl "protect -cdi -p 1"
> > .Sh SEE ALSO
> > -.Xr pprotect 2
> > +.Xr procctl 2
> > .Sh BUGS
> > If you protect a runaway process that allocates all memory the system
will
> > deadlock.
> > -.Pp
> > -Inheritance of the protected state is not yet implemented.
>
> I wanted to report you about this stale sentence, but after looking
> at the change once more now I think it is still relevant.
>
> + if (p1->p_flag2 & P2_INHERIT_PROTECTED) {
> + p2->p_flag |= P_PROTECTED;
> + p2->p_flag2 |= P2_INHERIT_PROTECTED;
> + }
> +
>
> The protected state is not really inherited in terms that it is rather
> explicitly conditionally enabled. Consider the following process state:
>
> p1->p_flag != P_PROTECTED
> p1->p_flag2 == P2_INHERIT_PROTECTED
>
> Ok, this is not an option currently because protect_setchild() resets
> both flags on PPROT_CLEAR. Anyway the following looks more sane to me:
>
> if (p1->p_flag2 & P2_INHERIT_PROTECTED) {
> p2->p_flag |= p1->p_flag & P_PROTECTED;
> p2->p_flag2 |= P2_INHERIT_PROTECTED;
> }
By design P_PROTECTED is always set if P2_INHERIT_PROTECTED is set. It
mimics the way ktrace -i works.
--
John Baldwin
More information about the svn-src-all
mailing list