diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-06-14 23:31:52 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-06-14 23:31:52 +0000 |
commit | d42502118bcc06bfc8520058a99134418b427960 (patch) | |
tree | 3fef54744ee63a8405d7ad786eb42da20f29eb60 /sys/kern/kern_resource.c | |
parent | 5db775aaced05bbda585e596739fe8150a74d68d (diff) | |
download | FreeBSD-src-d42502118bcc06bfc8520058a99134418b427960.zip FreeBSD-src-d42502118bcc06bfc8520058a99134418b427960.tar.gz |
Remove the restriction that rtprio(2) cannot be used to set the realtime
or idle priority of another process owned by the same user. This means
that privilege in rtprio(2) (and rtprio_thread(2)) is required indirectly
via p_cansched(9) or directly to set realtime/idle privilege, rather than
directly affecting target process authorization.
Diffstat (limited to 'sys/kern/kern_resource.c')
-rw-r--r-- | sys/kern/kern_resource.c | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index 847e9f4..7e161cb 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -323,8 +323,6 @@ rtprio_thread(struct thread *td, struct rtprio_thread_args *uap) break; /* Disallow setting rtprio in most cases if not superuser. */ - if (priv_check(td, PRIV_SCHED_RTPRIO) != 0) { - /* can't set realtime priority */ /* * Realtime priority has to be restricted for reasons which should be * obvious. However, for idle priority, there is a potential for @@ -333,13 +331,13 @@ rtprio_thread(struct thread *td, struct rtprio_thread_args *uap) * due to a CPU-bound normal process). Fix me! XXX */ #if 0 - if (RTP_PRIO_IS_REALTIME(rtp.type)) { + if (RTP_PRIO_IS_REALTIME(rtp.type)) { #else - if (rtp.type != RTP_PRIO_NORMAL) { + if (rtp.type != RTP_PRIO_NORMAL) { #endif - error = EPERM; + error = priv_check(td, PRIV_SCHED_RTPRIO); + if (error) break; - } } PROC_SLOCK(p); @@ -438,13 +436,6 @@ rtprio(td, uap) break; /* Disallow setting rtprio in most cases if not superuser. */ - if (priv_check(td, PRIV_SCHED_RTPRIO) != 0) { - /* can't set someone else's */ - if (uap->pid) { - error = EPERM; - break; - } - /* can't set realtime priority */ /* * Realtime priority has to be restricted for reasons which should be * obvious. However, for idle priority, there is a potential for @@ -453,13 +444,13 @@ rtprio(td, uap) * due to a CPU-bound normal process). Fix me! XXX */ #if 0 - if (RTP_PRIO_IS_REALTIME(rtp.type)) { + if (RTP_PRIO_IS_REALTIME(rtp.type)) { #else - if (rtp.type != RTP_PRIO_NORMAL) { + if (rtp.type != RTP_PRIO_NORMAL) { #endif - error = EPERM; + error = priv_check(td, PRIV_SCHED_RTPRIO); + if (error) break; - } } /* |