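--- a/sys/kern/kern_resource.c
+++ b/sys/kern/kern_resource.c
@@ -283,9 +283,31 @@ donice(struct thread *td, struct proc *p, int n)
 }
 
 static int unprivileged_idprio;
-SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_idprio, CTLFLAG_RW,
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_idprio, CTLFLAG_RWTUN,
     &unprivileged_idprio, 0, "Allow non-root users to set an idle priority");
 
+static int unprivileged_rtprio;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_rtprio, CTLFLAG_RWTUN,
+    &unprivileged_rtprio, 0, "Allow non-root users to set a realtime priority");
+
+static int
+priv_check_priority(struct thread *td, const struct rtprio *rtp)
+{
+	switch (RTP_PRIO_BASE(rtp->type)) {
+	case RTP_PRIO_REALTIME:
+		if (unprivileged_rtprio)
+			return (0);
+		break;
+	case RTP_PRIO_IDLE:
+		if (unprivileged_idprio)
+			return (0);
+		break;
+	default:
+		return (0);
+	}
+	return (priv_check(td, PRIV_SCHED_RTPRIO));
+}
+
 /*
  * Set realtime priority for LWP.
  */
@@ -350,13 +372,9 @@ sys_rtprio_thread(struct thread *td, struct rtprio_thread_args *uap)
 		 * easier to lock a resource indefinitely, but it is not the
 		 * only thing that makes it possible.
 		 */
-		if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
-		    (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
-		    unprivileged_idprio == 0)) {
-			error = priv_check(td, PRIV_SCHED_RTPRIO);
-			if (error)
-				break;
-		}
+		error = priv_check_priority(td, &rtp);
+		if (error)
+			break;
 		error = rtp_to_pri(&rtp, td1);
 		break;
 	default:
@@ -440,13 +458,9 @@ sys_rtprio(struct thread *td, struct rtprio_args *uap)
 		 * See the comment in sys_rtprio_thread about idprio
 		 * threads holding a lock.
 		 */
-		if (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_REALTIME ||
-		    (RTP_PRIO_BASE(rtp.type) == RTP_PRIO_IDLE &&
-		    !unprivileged_idprio)) {
-			error = priv_check(td, PRIV_SCHED_RTPRIO);
-			if (error)
-				break;
-		}
+		error = priv_check_priority(td, &rtp);
+		if (error)
+			break;
 
 		/*
 		 * If we are setting our own priority, set just our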
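Review bot: The new `priv_check_priority()` returns 0 for `RTP_PRIO_REALTIME` whenever `unprivileged_rtprio` is non-zero, before `priv_check(td, PRIV_SCHED_RTPRIO)` runs, and nothing visible in these hunks bounds what an unprivileged caller may then request, so one user thread spinning at realtime priority can starve lower-priority work. The comments above both call sites (they start outside the hunks, as do `sys_rtprio_thread` and `sys_rtprio`) still speak only of idprio threads holding a lock. I would document the risk on the helper, e.g. `/* With unprivileged_rtprio set, any local user can starve timeshare threads; enable only where all local users are trusted. */`, and mention it in the sysctl description string as well. Because the early return skips `priv_check()` entirely, it presumably also lifts any restriction that check places on jailed callers; worth confirming that is intended.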
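--- a/usr.sbin/rtprio/rtprio.1
+++ b/usr.sbin/rtprio/rtprio.1
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 29, 2012
+.Dd November 17, 2021
 .Dt RTPRIO 1
 .Os
 .Sh NAME
@@ -118,6 +118,11 @@ A user may modify the idle priority of their own processes if the
 variable
 .Va security.bsd.unprivileged_idprio
 is set to non-zero.
+A user may modify the realtime priority of their own processes if the
+.Xr sysctl 8
+variable
+.Va security.bsd.unprivileged_rtprio
+is set to non-zero.
 Note that this increases the chance that a deadlock can occur
 if a process locks a required resource and then does
 not get to run.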
