Since the bootstrap filesystem is no longer a single process, but can be spread among eg, pci-arbiter and rumpdisk, we cannot just check the p_parent of the process but need to follow to the root of the process namespace to check if it belongs to startup.
---
 proc/mgt.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/proc/mgt.c b/proc/mgt.c
index d92bf528..01510f43 100644
--- a/proc/mgt.c
+++ b/proc/mgt.c
@@ -1109,15 +1109,17 @@ S_proc_mark_important (struct proc *p)
 if (!p)
 return EOPNOTSUPP;
- /* Only root may use this interface. Any children of startup_proc
+ /* Only root may use this interface. Any bootstrapping processes
 are exempt from this restriction, as startup_proc calls this on their behalf. The kernel process is a notable example of an process that needs this exemption. That is not an problem however, since
- all children of /hurd/startup are important and we mark them as
- such anyway. */
- if (! check_uid (p, 0) && p->p_parent != startup_proc)
- return EPERM;
+ all important processes are marked as such anyway. */
+ if (! check_uid (p, 0) && namespace_find_root(p)->p_pid != HURD_PID_STARTUP)
+ {
+ mach_print("proc_mark_important: EPERM (UID!=0 and is not a startup process)\n");
+ return EPERM;
+ }
 p->p_important = 1;
 return 0;
 }
-- 
2.31.0
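Review bot: The exemption from the root-only check in `S_proc_mark_important` now rests entirely on `namespace_find_root(p)->p_pid != HURD_PID_STARTUP`, and `namespace_find_root` is defined outside this hunk (as is the start of the function), so its reach should be confirmed before merge. If that walk can end at startup for ordinary user processes and not only for boot-time servers such as pci-arbiter and rumpdisk, every unprivileged caller passes the test and `check_uid (p, 0)` no longer protects `p_important`; the exemption needs to stay bounded to processes that are really part of bootstrap. The returned pointer is also dereferenced unchecked; if a null return is possible, hold it in a local first, e.g. `struct proc *root = namespace_find_root (p);` then `if (! check_uid (p, 0) && (!root || root->p_pid != HURD_PID_STARTUP))`. The added `mach_print` sits on a path that any unprivileged client can hit repeatedly, so it looks like leftover debug output that could flood the console and is probably best dropped.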