[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <478F7768.90203@redhat.com>
Date: Thu, 17 Jan 2008 07:42:32 -0800
From: Ulrich Drepper <drepper@...hat.com>
To: Vinay Sridhar <vinay@...ux.vnet.ibm.com>
CC: linux-kernel@...r.kernel.org, libc-alpha@...rceware.org,
wli@...omorphy.com, akpm@...ux-foundation.org, sripathik@...ibm.com
Subject: Re: [RFC] Per-thread getrusage
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Vinay Sridhar wrote:
> There are two ways to implement this in the kernel:
> 1) Introduce an additional parameter 'tid' to sys_getrusage() and put
> code in glibc to handle getrusage() and pthread_getrusage() calls
> correctly.
> 2) Introduce a new system call to handle pthread_getrusage() and leave
> sys_getrusage() untouched.
You're doing two things at once:
a) provide a way to get a thread's usage
b) provide a way to get another process's/thread's usage
The former is a trivial extension and I completely agree. RUSAGE_THREAD
is trivial to implement and should go in ASAP.
The second part isn't that easy. The first question is: do we really
need this? It is a new type of interface. We have the /proc filesystem
etc for programs which want to look at other process' data. Second,
more importantly right now, your patch seems not to include any security
support. Correct me if I'm wrong, but find_task_by_pid will always
succeed, regardless of whether the calling thread belongs to another UID
or not. I.e., your patch enables any process to read any other process'
usage. That's a no-no.
I suggest that you split the patch in two. The first should implement
RUSAGE_THREAD. You'll immediately get an ACK from me for that. The
second part then should introduce a way to get another process' usage.
This patch should only be used initially as a starting point for
discussions. You'll have to argue why it is necessary in the first place.
The argument might have to do with why you want a pthread_getrusage()
interface (which, btw, is a bad name since the interface is nothing like
getrusage, getrusage doesn't allow requesting any other process' data).
Yes, for intra-process lookups relying on /proc is no good idea. But
then, I have not seen any reason so far why such an API is needed and
why a thread cannot just be responsible for reading its own usage data.
Anyway, if pthread_getrusage (or whatever it'll be called) is the only
usage then the syscall should require that the TID parameter is from a
thread in the same process which would solve the security problem.
- --
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHj3do2ijCOnn/RHQRAiKdAKCSooiEWcxr780hJGenElyDiWPWKgCdE+6Y
j6ibmGsPT4aYxhSfpimSdiw=
=jOC9
-----END PGP SIGNATURE-----
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists