Rewrite of revoke() system call available for testing - patch #2

Matthew Dillon dillon at apollo.backplane.com
Tue Mar 31 23:19:53 PDT 2009


    I've rewritten the revoke() implementation.  It is now able to
    revoke any open file, not just devices.  The root directory, current
    directory, and jail root directory for a process cannot be revoked.
    The patch needs testing:

	fetch http://apollo.backplane.com/DFlyMisc/revoke02.patch

    The original revoke() was a horrible hack that basically blew away
    the underlying vnode without giving the VFS much say in the matter,
    and required a lot of code hacks to deal with the resulting mess.
    The new revoke() actually replaces the open descriptors with a dummy
    descriptor and close()s the revoked descriptors properly.

    For testing purposes, opening up ssh, screen, and 'script' typescript
    connections to/on the target machine helps exercise the controlling
    terminal logic.

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>





More information about the Kernel mailing list