[OpenAFS-devel] setgroups() fails to change pag under linux 2.6

Roland Kuhn rkuhn@e18.physik.tu-muenchen.de
Wed, 9 Aug 2006 16:14:09 +0200 

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--Apple-Mail-9-731990701
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed

Hi Chas!

On 9 Aug 2006, at 15:41, chas williams - CONTRACTOR wrote:

> In message  
> <17623.34774.671617.38354@khavrinen.csail.mit.edu>,Garrett Wollman w
> rites:
>> Doesn't matter, so long as each PAG gets a distinct memory location.
>> In a real implementation, it would probably be a pointer to a
>> reference count.
>
> negative.  it really should just be an indentifier that is used to  
> group
> together objects.  there should not be identifier reuse.  pointers to
> kernel memory are very likely to be reused (mostly due to the slab
> allocator).  since you might pass these identifiers to a user process
> you cant let them repeat since you have no idea how long a user  
> process
> might hold onto these things.

You got me curious. I should probably watched this thread more  
closely and maybe it would then be clear to me: Why should userspace  
ever see a PAG identifier? What should it be able to do with it?

 From my (very limited) understanding a PAG should behave essentially  
like a session: it is inherited by fork()/exec(), you can detach from  
it, you can create a new one and you can modify it (klog). For none  
of these operations you need to know how the kernel internally  
handles this...

Ciao,
                     Roland

--
TU Muenchen, Physik-Department E18, James-Franck-Str., 85748 Garching
Telefon 089/289-12575; Telefax 089/289-12570
--
CERN office: 892-1-D23 phone: +41 22 7676540 mobile: +41 76 487 4482
--
Any society that would give up a little liberty to gain a little
security will deserve neither and lose both.  - Benjamin Franklin
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GS/CS/M/MU d-(++) s:+ a-> C+++ UL++++ P+++ L+++ E(+) W+ !N K- w--- M 
+ !V Y+
PGP++ t+(++) 5 R+ tv-- b+ DI++ e+++>++++ h---- y+++
------END GEEK CODE BLOCK------



--Apple-Mail-9-731990701
content-type: application/pgp-signature; x-mac-type=70674453;
	name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFE2e21I4MWO8QIRP0RAnxMAJoDCHLkcdil4BV3kSG8LVBWX/+/9gCgjNTq
QDIEr+0wCX7Ig0WdsMbhWrc=
=9XOO
-----END PGP SIGNATURE-----

--Apple-Mail-9-731990701--