Page MenuHomeFreeBSD
Files F107924286

D33338.diff
No OneTemporary
Actions

D33338.diff
View Options

diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c
--- a/sys/kern/kern_resource.c
+++ b/sys/kern/kern_resource.c
@@ -350,13 +350,13 @@
* easier to lock a resource indefinitely, but it is not the
* only thing that makes it possible.
*/
- if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
- (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
- unprivileged_idprio == 0)) {
- error = priv_check(td, PRIV_SCHED_RTPRIO);
- if (error)
- break;
- }
+ if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME &&
+ (error = priv_check(td, PRIV_SCHED_RTPRIO)) != 0)
+ break;
+ if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
+ unprivileged_idprio == 0 &&
+ (error = priv_check(td, PRIV_SCHED_IDPRIO)) != 0)
+ break;
error = rtp_to_pri(&rtp, td1);
break;
default:
@@ -440,13 +440,13 @@
* See the comment in sys_rtprio_thread about idprio
* threads holding a lock.
*/
- if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
- (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
- !unprivileged_idprio)) {
- error = priv_check(td, PRIV_SCHED_RTPRIO);
- if (error)
- break;
- }
+ if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME &&
+ (error = priv_check(td, PRIV_SCHED_RTPRIO)) != 0)
+ break;
+ if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
+ unprivileged_idprio == 0 &&
+ (error = priv_check(td, PRIV_SCHED_IDPRIO)) != 0)
+ break;
/*
* If we are setting our own priority, set just our
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -1975,6 +1975,7 @@
case PRIV_SCHED_SETPOLICY:
case PRIV_SCHED_SET:
case PRIV_SCHED_SETPARAM:
+ case PRIV_SCHED_IDPRIO:
/*
* More IPC privileges.
diff --git a/sys/security/mac_lomac/mac_lomac.c b/sys/security/mac_lomac/mac_lomac.c
--- a/sys/security/mac_lomac/mac_lomac.c
+++ b/sys/security/mac_lomac/mac_lomac.c
@@ -1743,6 +1743,7 @@
case PRIV_SCHED_SETPOLICY:
case PRIV_SCHED_SET:
case PRIV_SCHED_SETPARAM:
+ case PRIV_SCHED_IDPRIO:
/*
* More IPC privileges.
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -192,6 +192,7 @@
#define PRIV_SCHED_SETPARAM 205 /* Can set thread scheduler params. */
#define PRIV_SCHED_CPUSET 206 /* Can manipulate cpusets. */
#define PRIV_SCHED_CPUSET_INTR 207 /* Can adjust IRQ to CPU binding. */
+#define PRIV_SCHED_IDPRIO 208 /* Can set idle time scheduling. */
/*
* POSIX semaphore privileges.

File Metadata

Mime Type
text/plain
Expires
Mon, Jan 20, 12:33 PM (21 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15977859
Default Alt Text
D33338.diff (2 KB)

Event Timeline