Subject: kauth and sleeping [Re: CVS commit: src/sys/kern]
To: Elad Efrat <elad@netbsd.org>
From: Andrew Doran <ad@NetBSD.org>
List: tech-kern
Date: 07/24/2006 13:14:48
Hi,

On Sat, Jul 22, 2006 at 09:24:25AM +0000, Elad Efrat wrote:

> Modified Files:
> 	src/sys/kern: kern_auth.c
> 
> Log Message:
> if LOCKDEBUG, assert that we can sleep in kauth_authorize_action().
> discussed with yamt@ on tech-kern.

This reliably panics LOCKDEBUG kernels, because there are a number of places
(signalling, sysctl, procfs, ...) where we hold the proclist lock when
calling kauth_authorize_process(), e.g.:

                proclist_lock_read();
                PROCLIST_FOREACH(p, &allproc) {
                        if (kauth_authorize_process(l->l_cred,
                            KAUTH_PROCESS_CANSEE, p, NULL, NULL, NULL) != 0)
                                continue;
                        [...]
                }
                proclist_unlock_read();

I don't fully understand the implication of kauth in this setting, other
than providing permission to touch another process. In what situations might
it want to sleep?

Sleeping with the proclist lock held is not something that we should do. So
I can see two options: (a) modify the callers so they do not have to hold
the lock (not easy) or (b) revert this change until we have an incentive for
kauth to sleep in this case (easy).

Comments? 

Thanks,
Andrew
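
Added example, not part of the original message and not NetBSD code: a user-space C model of the conflict described above, where an authorization check that asserts "caller may sleep" is called inside a locked list walk, next to the shape of option (a). Every name (model_lock, authorize_cansee, allproc_model, ...) is hypothetical, and the process table is constructed sample data.

```c
#include <stdio.h>

/* User-space model. Every name here is hypothetical, not a NetBSD kernel API. */
#define NPROC 4
struct proc_model { int pid; int uid; };
static const struct proc_model allproc_model[NPROC] = /* constructed sample */
    { {1, 0}, {20, 1000}, {21, 1000}, {30, 1001} };
static int locks_held;       /* stands in for LOCKDEBUG's record of held locks */
static int sleep_violations; /* a LOCKDEBUG kernel would panic, not count */

static void model_lock(void)   { locks_held++; }
static void model_unlock(void) { locks_held--; }
void reset_model(void)         { locks_held = 0; sleep_violations = 0; }
int violations(void)           { return sleep_violations; }

/* Authorization check that asserts its caller is allowed to sleep. */
static int authorize_cansee(int cred_uid, const struct proc_model *p) {
    if (locks_held > 0) sleep_violations++;
    return (cred_uid == 0 || cred_uid == p->uid) ? 0 : 1;
}

/* Pattern from the message: authorize inside the locked list walk. */
int count_visible_locked(int cred_uid) {
    int i, n = 0;
    model_lock();
    for (i = 0; i < NPROC; i++)
        if (authorize_cansee(cred_uid, &allproc_model[i]) == 0) n++;
    model_unlock();
    return n;
}

/* Option (a): copy under the lock, authorize only after dropping it. */
int count_visible_snapshot(int cred_uid) {
    struct proc_model snap[NPROC];
    int i, n = 0;
    model_lock();
    for (i = 0; i < NPROC; i++) snap[i] = allproc_model[i];
    model_unlock(); /* a kernel must also keep each process from exiting here */
    for (i = 0; i < NPROC; i++)
        if (authorize_cansee(cred_uid, &snap[i]) == 0) n++;
    return n;
}

int main(void) {
    reset_model();
    int a = count_visible_locked(1000), va = violations();
    reset_model();
    int b = count_visible_snapshot(1000), vb = violations();
    printf("locked: %d visible, %d violations\n", a, va);
    printf("snapshot: %d visible, %d violations\n", b, vb);
}
```

Both walks return the same set of visible processes; only the locked walk trips the sleepability check, once per list entry.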