Date: prev next · Thread: first prev next last
2020 Archives by date, by thread · List index


Hi Gabriel,

        As discussed, this is a fun one =)

We have to open the /proc/self/smaps file just after we fork the loolkit worker, and just before we drop capabilities - cf. kit/Kit.cpp.

Any attempts to open it after that, or from wsd will not succeed due to kernel paranoia: fair enough.

In a unipoll world - we could have a second local thread to read that data from the kit and send it to wsd / Admin code.

But - that's painful around making our existing (rather pleasant) single-threaded, easy to reason about lock-free poll loop far more complex.

        The approach I'd love to see here is a simpler one:

        * we pass the fd across the unix socket the kit has
          to WSD using:

https://stackoverflow.com/questions/28003921/sending-file-descriptor-by-linux-socket?answertab=votes#tab-top

        * then move the memory polling magic from the Kit
          process to the Admin socket poll - which is where
          it belongs. Then we can kill bad guys based
          on policy from the Admin poll.

That should be beautiful, simplify the IPC logging we have significantly, make logs shorter, cleaner, and prettier.

        And life should be cleaner & prettier =)

        Sounds good ?

                Michael.

--
michael.meeks@collabora.com <><, GM Collabora Productivity
Hangout: mejmeeks@gmail.com, Skype: mmeeks
(M) +44 7795 666 147 - timezone usually UK / Europe

Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.