Mailing List Archive

From:: "Theo de Raadt" <deraadt@openbsd.org>
Subject:: Re: patch: relax ni_pledge panic
To:: Mark Kettenis <mark.kettenis@xs4all.nl>, semarie@kapouay.eu.org, tech@openbsd.org
Date:: Thu, 06 Feb 2025 10:55:51 -0700

Download raw body.

Thread

2025-02-06 16:43 Theo de Raadt:
patch: relax ni_pledge panic
- 2025-02-06 17:46 Martin Pieuchot:
  patch: relax ni_pledge panic
- - 2025-02-06 17:55 Theo de Raadt:
    patch: relax ni_pledge panic
  - - 2025-02-10 11:31 Martin Pieuchot:
      patch: relax ni_pledge panic
  - 2025-02-07 16:47 Claudio Jeker:
    patch: relax ni_pledge panic

Martin Pieuchot <mpi@grenadille.net> wrote:

> I'd rather see a rwlock be used to serialized access to the per-process
> data structures.  I don't see any reason to use the single thread API
> for this and I'd rather not spread its usage.  It is already a pain to
> work with.

I don't understand why this is needed.

unveil and pledge are not performance sensitive and called many times.

The single thread API is designed exactly for this.  Adding piles of
low-level deadlock sensitive mutexes and rwlocks doesn't make sense.

2025-02-06 16:43 Theo de Raadt:
patch: relax ni_pledge panic
- 2025-02-06 17:46 Martin Pieuchot:
  patch: relax ni_pledge panic
- - 2025-02-06 17:55 Theo de Raadt:
    patch: relax ni_pledge panic
  - - 2025-02-10 11:31 Martin Pieuchot:
      patch: relax ni_pledge panic
  - 2025-02-07 16:47 Claudio Jeker:
    patch: relax ni_pledge panic