svn commit: r230038 - stable/8/sys/kern

Eitan Adler eadler at FreeBSD.org
Fri Jan 13 00:38:01 UTC 2012


Author: eadler (ports committer)
Date: Fri Jan 13 00:38:00 2012
New Revision: 230038
URL: http://svn.freebsd.org/changeset/base/230038

Log:
  MFC r228470:
  	- Add a sysctl to allow non-root users the ability to set idle
  	  priorities.
  	- While here fix up some style nits.
  
  Approved by:	jhb

Modified:
  stable/8/sys/kern/kern_resource.c
Directory Properties:
  stable/8/sys/   (props changed)

Modified: stable/8/sys/kern/kern_resource.c
==============================================================================
--- stable/8/sys/kern/kern_resource.c	Thu Jan 12 22:49:36 2012	(r230037)
+++ stable/8/sys/kern/kern_resource.c	Fri Jan 13 00:38:00 2012	(r230038)
@@ -55,6 +55,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/sched.h>
 #include <sys/sx.h>
 #include <sys/syscallsubr.h>
+#include <sys/sysctl.h>
 #include <sys/sysent.h>
 #include <sys/time.h>
 #include <sys/umtx.h>
@@ -272,6 +273,10 @@ donice(struct thread *td, struct proc *p
 	return (0);
 }
 
+static int unprivileged_idprio;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_idprio, CTLFLAG_RW,
+    &unprivileged_idprio, 0, "Allow non-root users to set an idle priority");
+
 /*
  * Set realtime priority for LWP.
  */
@@ -322,18 +327,26 @@ rtprio_thread(struct thread *td, struct 
 			break;
 
 		/* Disallow setting rtprio in most cases if not superuser. */
-/*
- * Realtime priority has to be restricted for reasons which should be
- * obvious.  However, for idle priority, there is a potential for
- * system deadlock if an idleprio process gains a lock on a resource
- * that other processes need (and the idleprio process can't run
- * due to a CPU-bound normal process).  Fix me!  XXX
- */
-#if 0
-		if (RTP_PRIO_IS_REALTIME(rtp.type)) {
-#else
-		if (rtp.type != RTP_PRIO_NORMAL) {
-#endif
+
+		/*
+		 * Realtime priority has to be restricted for reasons which
+		 * should be obvious.  However, for idleprio processes, there is
+		 * a potential for system deadlock if an idleprio process gains
+		 * a lock on a resource that other processes need (and the
+		 * idleprio process can't run due to a CPU-bound normal
+		 * process).  Fix me!  XXX
+		 *
+		 * This problem is not only related to idleprio process.
+		 * A user level program can obtain a file lock and hold it
+		 * indefinitely.  Additionally, without idleprio processes it is
+		 * still conceivable that a program with low priority will never
+		 * get to run.  In short, allowing this feature might make it
+		 * easier to lock a resource indefinitely, but it is not the
+		 * only thing that makes it possible.
+		 */
+		if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
+		    (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
+		    unprivileged_idprio == 0)) {
 			error = priv_check(td, PRIV_SCHED_RTPRIO);
 			if (error)
 				break;
@@ -426,19 +439,14 @@ rtprio(td, uap)
 		if ((error = p_cansched(td, p)) || (error = cierror))
 			break;
 
-		/* Disallow setting rtprio in most cases if not superuser. */
-/*
- * Realtime priority has to be restricted for reasons which should be
- * obvious.  However, for idle priority, there is a potential for
- * system deadlock if an idleprio process gains a lock on a resource
- * that other processes need (and the idleprio process can't run
- * due to a CPU-bound normal process).  Fix me!  XXX
- */
-#if 0
-		if (RTP_PRIO_IS_REALTIME(rtp.type)) {
-#else
-		if (rtp.type != RTP_PRIO_NORMAL) {
-#endif
+		/*
+		 * Disallow setting rtprio in most cases if not superuser.
+		 * See the comment in sys_rtprio_thread about idprio
+		 * threads holding a lock.
+		 */
+		if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
+		    (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
+		    !unprivileged_idprio)) {
 			error = priv_check(td, PRIV_SCHED_RTPRIO);
 			if (error)
 				break;


More information about the svn-src-all mailing list