HomeFreeBSD

capsicum: allow subset of wait4(2) functionality

Description

capsicum: allow subset of wait4(2) functionality

The usual way of handling process exit exit in capsicum(4) mode is
by using process descriptors (pdfork(2)) instead of the traditional
fork(2)/wait4(2) API. But most apps hadn't been converted this way,
and many cannot because the wait is hidden behind a library APIs that
revolve around PID numbers and not descriptors; GLib's
g_spawn_check_wait_status(3) is one example.

Thus, provide backwards compatibility by allowing the wait(2) family
of functions in Capsicum mode, except for child processes created by
pdfork(2).

Reviewed by: brooks, oshogbo
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D44372

Details

Provenance
traszAuthored on Aug 27 2024, 3:19 PM
oshogboCommitted on Aug 27 2024, 3:22 PM
Reviewer
brooks
Differential Revision
D44372: Allow subset of wait4(2) functionality in Capsicum mode
Parents
rG3b62f3350017: netinet: fix LINT-NOINET build failure
Branches
Unknown
Tags
Unknown