Re: [PATCH] Make processor set interface privileged

Tue, 24 Mar 2026 14:44:51 -0700 

I am ok committing only that part. Thank you

Manolo

On Tue, Mar 24, 2026 at 10:18 PM Samuel Thibault
<[email protected]> wrote:
>
> Manolo de Medici, le mar. 24 mars 2026 21:11:05 +0000, a ecrit:
> > Creating a processor set reserve physical limited resources,
> > only root should be allowed to do that.
>
> I agree with that and commited it, but
>
> > Further, allowing users to inspect the any processor sets that is not
> > their own shouldn't be allowed.
>
> If they are not allowed to inspect some host properties, they shouldn't
> have obtained the host_t from the start?
>
> Samuel
>
> > This modification is even more important if we consider that
> > processor sets and processor affinities will clash in several
> > aspects. Principally I plan to set the rules that removing
> > any processor from a processor set will nullify any affinities
> > of all processes belonging to that processor set.
> > ---
> >  include/mach/mach_host.defs | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/include/mach/mach_host.defs b/include/mach/mach_host.defs
> > index 3b9b0c58..372f3859 100644
> > --- a/include/mach/mach_host.defs
> > +++ b/include/mach/mach_host.defs
> > @@ -82,7 +82,7 @@ skip;       /* old yyy_processor_control */
> >   *   Get default processor set for host.
> >   */
> >  routine processor_set_default(
> > -             host            : host_t;
> > +             host_priv       : host_priv_t;
> >       out     default_set     : processor_set_name_t);
> >
> >  skip;        /* old xxx_processor_set_default_priv */
> > @@ -92,7 +92,7 @@ skip;       /* old xxx_processor_set_default_priv */
> >   *   and name port for obtaining information.
> >   */
> >  routine processor_set_create(
> > -             host            : host_t;
> > +             host_priv       : host_priv_t;
> >       out     new_set         : processor_set_t;
> >       out     new_name        : processor_set_name_t);
> >
> > @@ -245,7 +245,7 @@ routine processor_set_threads(
> >   *   List all processor sets on host.
> >   */
> >  routine host_processor_sets(
> > -             host            : host_t;
> > +             host_priv       : host_priv_t;
> >       out     processor_sets  : processor_set_name_array_t);
> >
> >  /*
> > --
> > 2.53.0
> >
> >

Reply via email to