Carlos Pizano
2bd1616076
.. and wire to one syscall. This CL shows the end-to-end process of computing policy and applying it to a single case: mx_channel_create(). It also changes how policy is declared making it simpler to process: now regardless of the condition, the policy have a single set of constants MX_ACTION_POL_DENY, MX_POL_ACTION_ALLOW and so on. Change-Id: I2b09ce54af3c1ab3332e7b2ab160cd5b768e8dd5
1.3 KiB
1.3 KiB
Job
NAME
job - Control a group of processes
SYNOPSIS
A job is a group of processes and possibly other (child) jobs. Jobs are used to track privileges to perform kernel operations (i.e., make various syscalls, with various options), and track and limit basic resource (e.g., memory, CPU) consumption. Every process belongs to a single job. Jobs can also be nested, and every job except the root job also belongs to a single (parent) job.
DESCRIPTION
A job is an object consisting of the following:
- a reference to a parent job
- a set of child jobs (each of whom has this job as parent)
- a set of member processes
- a set of policies [⚠ not implemented]
Jobs control "applications" that are composed of more than one process to be controlled as a single entity.
SYSCALLS
- job_create - create a new child job.
- process_create - create a new process within a job.
- job_set_policy - set policy for new processes in the job.
- task_resume - cause a suspended task to continue running.
- task_bind_exception_port - attach an exception port to a task
- task_kill - cause a task to stop running.