Changeset View
Changeset View
Standalone View
Standalone View
sys/kern/kern_exit.c
| Show First 20 Lines • Show All 1,200 Lines • ▼ Show 20 Lines | |||||
| int | int | ||||
| kern_wait(struct thread *td, pid_t pid, int *status, int options, | kern_wait(struct thread *td, pid_t pid, int *status, int options, | ||||
| struct rusage *rusage) | struct rusage *rusage) | ||||
| { | { | ||||
| struct __wrusage wru, *wrup; | struct __wrusage wru, *wrup; | ||||
| idtype_t idtype; | idtype_t idtype; | ||||
| id_t id; | id_t id; | ||||
| int ret; | int ret; | ||||
jonathan: If `IN_CAPABILITY_MODE`, would it make sense to check and confirm that `pid == WAIT_ANY` (to… | |||||
| /* | /* | ||||
| * Translate the special pid values into the (idtype, pid) | * Translate the special pid values into the (idtype, pid) | ||||
| * pair for kern_wait6. The WAIT_MYPGRP case is handled by | * pair for kern_wait6. The WAIT_MYPGRP case is handled by | ||||
| * kern_wait6() on its own. | * kern_wait6() on its own. | ||||
| */ | */ | ||||
| if (pid == WAIT_ANY) { | if (pid == WAIT_ANY) { | ||||
| idtype = P_ALL; | idtype = P_ALL; | ||||
| id = 0; | id = 0; | ||||
| ▲ Show 20 Lines • Show All 107 Lines • ▼ Show 20 Lines | ret = proc_to_reap(td, p, idtype, id, status, options, | ||||
| wrusage, siginfo, 0); | wrusage, siginfo, 0); | ||||
| if (ret == 0) | if (ret == 0) | ||||
| continue; | continue; | ||||
| else if (ret != 1) { | else if (ret != 1) { | ||||
| td->td_retval[0] = pid; | td->td_retval[0] = pid; | ||||
| return (0); | return (0); | ||||
| } | } | ||||
| /* | |||||
| * When running in capsicum(4) mode, make wait(2) ignore | |||||
| * processes created with pdfork(2). This is because one can | |||||
| * disown them - by passing their process descriptor to another | |||||
| * process - which means it needs to be prevented from touching | |||||
| * them afterwards. | |||||
| */ | |||||
| if (IN_CAPABILITY_MODE(td) && p->p_procdesc != NULL) { | |||||
Not Done Inline ActionsWould it also make sense to check that idtype is P_ALL? That way, the process isn't using the PID or process group ID namespaces... jonathan: Would it also make sense to check that `idtype` is `P_ALL`? That way, the process isn't using… | |||||
| PROC_UNLOCK(p); | |||||
| continue; | |||||
| } | |||||
| nfound++; | nfound++; | ||||
| PROC_LOCK_ASSERT(p, MA_OWNED); | PROC_LOCK_ASSERT(p, MA_OWNED); | ||||
| if ((options & WTRAPPED) != 0 && | if ((options & WTRAPPED) != 0 && | ||||
| (p->p_flag & P_TRACED) != 0) { | (p->p_flag & P_TRACED) != 0) { | ||||
| PROC_SLOCK(p); | PROC_SLOCK(p); | ||||
| report = | report = | ||||
| ((p->p_flag & (P_STOPPED_TRACE | P_STOPPED_SIG)) && | ((p->p_flag & (P_STOPPED_TRACE | P_STOPPED_SIG)) && | ||||
| ▲ Show 20 Lines • Show All 129 Lines • Show Last 20 Lines | |||||
If IN_CAPABILITY_MODE, would it make sense to check and confirm that pid == WAIT_ANY (to avoid using global PID namespace)?