Bug 276962 - mac_priority(4) doesn't affect sched_setscheduler(2)
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: Olivier Certner
 
Reported: 2024-02-11 00:40 UTC by Jan Beich
Modified: 2024-02-20 08:28 UTC

Attachments
test_sched.c (example) (851 bytes, text/plain)
2024-02-11 00:40 UTC, Jan Beich

Description Jan Beich freebsd_committer freebsd_triage 2024-02-11 00:40:11 UTC
Created attachment 248339
test_sched.c (example)

Setting real-time priority (via POSIX API) as a regular user doesn't seem to work for non-threaded programs.

$ kldload mac_priority
$ pw group mod realtime -m ${USER:-$(id -u)}
$ cc -o test_sched test_sched.c; ./test_sched
test_sched: FAILED: cannot set real-time scheduling priority to 0: Operation not permitted
$ cc -DTHREADS -pthread -o test_sched test_sched.c; ./test_sched
test_sched: SUCCESS: set real-time scheduling priority to 0
Comment 1 Florian Walpen 2024-02-11 02:48:46 UTC
Seems like there's a mismatch with different privileges requested.

sys/sys/priv.h defines:

#define  PRIV_SCHED_DIFFCRED     200     /* Exempt scheduling other users. */
#define  PRIV_SCHED_SETPRIORITY  201     /* Can set lower nice value for proc. */
#define  PRIV_SCHED_RTPRIO       202     /* Can set real time scheduling. */
#define  PRIV_SCHED_SETPOLICY    203     /* Can set scheduler policy. */
#define  PRIV_SCHED_SET          204     /* Can set thread scheduler. */
#define  PRIV_SCHED_SETPARAM     205     /* Can set thread scheduler params. */
#define  PRIV_SCHED_CPUSET       206     /* Can manipulate cpusets. */
#define  PRIV_SCHED_CPUSET_INTR  207     /* Can adjust IRQ to CPU binding. */
#define  PRIV_SCHED_IDPRIO       208     /* Can set idle time scheduling. */


The call to sched_setscheduler() ends up in sys/kern/p1003_1b.c, checking for the PRIV_SCHED_SET privilege:

kern_sched_setscheduler(struct thread *td, struct thread *targettd,
      int policy, struct sched_param *param)
{
...
          /* Don't allow non root user to set a scheduler policy. */
          error = priv_check(td, PRIV_SCHED_SET);
          if (error)
                  return (error);
...
}


While mac_priority only grants privileges for PRIV_SCHED_RTPRIO / PRIV_SCHED_SETPOLICY or PRIV_SCHED_IDPRIO.

I think sched_setscheduler() does actually set the policy, not the scheduler, so maybe PRIV_SCHED_SETPOLICY would be more appropriate here. I can have a closer look tomorrow.
Comment 2 Florian Walpen 2024-02-11 15:17:33 UTC
See review D43835 for a proposed fix.
Comment 3 commit-hook freebsd_committer freebsd_triage 2024-02-14 14:25:34 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=2198221bd9df0ceb69945120bc477309a5729241

commit 2198221bd9df0ceb69945120bc477309a5729241
Author:     Florian Walpen <dev@submerge.ch>
AuthorDate: 2024-02-14 13:50:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-02-14 14:24:11 +0000

    sched_setscheduler(2): Change realtime privilege check

    Check for privilege PRIV_SCHED_SETPOLICY instead of PRIV_SCHED_SET, to
    at least make it coherent with what is done at thread creation when
    a realtime policy is requested, and have users authorized by
    mac_priority(4) pass it.

    This change is good enough in practice since it only allows 'root' (as
    before) and mac_priority(4)'s authorized users in (the point of this
    change), without other side effects.  More changes in this area, to
    generally ensure that all privilege checks are consistent, are going to
    come as olce's priority revamp project lands.

    (olce: Expanded the explanations.)

    PR:                     276962
    Reported by:            jbeich
    Reviewed by:            olce
    Approved by:            emaste (mentor)
    MFC after:              3 days
    Differential Revision:  https://reviews.freebsd.org/D43835

 sys/kern/p1003_1b.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
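
The mismatch analysed in Comment 1 and resolved by the commit above, as a userland model added here (not part of the bug thread or of the FreeBSD source). The `model_*` functions and `struct model_cred` are hypothetical; the model assumes root passes every check and covers only the realtime-group grants of mac_priority(4).

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Privilege numbers as quoted from sys/sys/priv.h in Comment 1. */
#define PRIV_SCHED_RTPRIO    202
#define PRIV_SCHED_SETPOLICY 203
#define PRIV_SCHED_SET       204

/* Hypothetical, simplified credential; not the kernel's struct ucred. */
struct model_cred {
    unsigned uid;
    bool in_realtime_group;
};

/* Model of what mac_priority(4) grants to "realtime" group members. */
static bool model_mac_priority_grants(const struct model_cred *c, int priv)
{
    return c->in_realtime_group &&
        (priv == PRIV_SCHED_RTPRIO || priv == PRIV_SCHED_SETPOLICY);
}

/* Model of priv_check(): root passes, otherwise the MAC policy must grant. */
static int model_priv_check(const struct model_cred *c, int priv)
{
    return (c->uid == 0 || model_mac_priority_grants(c, priv)) ? 0 : EPERM;
}

/* sched_setscheduler(2) path; checked_priv is the privilege it asks for. */
static int model_sched_setscheduler(const struct model_cred *c, int checked_priv)
{
    return model_priv_check(c, checked_priv);
}

/* Thread creation with a realtime policy, which checks SETPOLICY. */
static int model_thread_create_rt(const struct model_cred *c)
{
    return model_priv_check(c, PRIV_SCHED_SETPOLICY);
}

int main(void)
{
    /* Constructed sample users: one in the realtime group, one not. */
    const struct model_cred rt = { 1001, true }, plain = { 1002, false };

    printf("rt user, PRIV_SCHED_SET:       %d\n", model_sched_setscheduler(&rt, PRIV_SCHED_SET));
    printf("rt user, PRIV_SCHED_SETPOLICY: %d\n", model_sched_setscheduler(&rt, PRIV_SCHED_SETPOLICY));
    printf("rt user, thread creation:      %d\n", model_thread_create_rt(&rt));
    printf("plain user, SETPOLICY:         %d\n", model_sched_setscheduler(&plain, PRIV_SCHED_SETPOLICY));
    return 0;
}
```

A non-zero result is EPERM, matching the "Operation not permitted" failure in the report; the user outside the realtime group is still refused after the change.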
Comment 4 commit-hook freebsd_committer freebsd_triage 2024-02-14 18:19:01 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=8ff01d01f2e8894bbac9f179f1ab0e83a8160384

commit 8ff01d01f2e8894bbac9f179f1ab0e83a8160384
Author:     Florian Walpen <dev@submerge.ch>
AuthorDate: 2024-02-14 13:50:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-02-14 18:17:14 +0000

    sched_setscheduler(2): Change realtime privilege check

    Check for privilege PRIV_SCHED_SETPOLICY instead of PRIV_SCHED_SET, to
    at least make it coherent with what is done at thread creation when
    a realtime policy is requested, and have users authorized by
    mac_priority(4) pass it.

    This change is good enough in practice since it only allows 'root' (as
    before) and mac_priority(4)'s authorized users in (the point of this
    change), without other side effects.  More changes in this area, to
    generally ensure that all privilege checks are consistent, are going to
    come as olce's priority revamp project lands.

    (olce: Expanded the explanations.)

    PR:                     276962
    Reported by:            jbeich
    Reviewed by:            olce
    Approved by:            emaste (mentor)
    MFC after:              3 days
    Differential Revision:  https://reviews.freebsd.org/D43835

    (cherry picked from commit 2198221bd9df0ceb69945120bc477309a5729241)

    Approved by:            emaste (mentor)
    Approved by:            re (cperciva)

 sys/kern/p1003_1b.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 5 commit-hook freebsd_committer freebsd_triage 2024-02-14 18:22:03 UTC
A commit in branch releng/13.3 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=1ee910875cd00c6f86f3f64dbc1686ec6d52ab11

commit 1ee910875cd00c6f86f3f64dbc1686ec6d52ab11
Author:     Florian Walpen <dev@submerge.ch>
AuthorDate: 2024-02-14 13:50:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-02-14 18:19:04 +0000

    sched_setscheduler(2): Change realtime privilege check

    Check for privilege PRIV_SCHED_SETPOLICY instead of PRIV_SCHED_SET, to
    at least make it coherent with what is done at thread creation when
    a realtime policy is requested, and have users authorized by
    mac_priority(4) pass it.

    This change is good enough in practice since it only allows 'root' (as
    before) and mac_priority(4)'s authorized users in (the point of this
    change), without other side effects.  More changes in this area, to
    generally ensure that all privilege checks are consistent, are going to
    come as olce's priority revamp project lands.

    (olce: Expanded the explanations.)

    PR:                     276962
    Reported by:            jbeich
    Reviewed by:            olce
    Approved by:            emaste (mentor)
    MFC after:              3 days
    Differential Revision:  https://reviews.freebsd.org/D43835

    (cherry picked from commit 2198221bd9df0ceb69945120bc477309a5729241)
    (cherry picked from commit 8ff01d01f2e8894bbac9f179f1ab0e83a8160384)

    Approved by:            emaste (mentor)
    Approved by:            re (cperciva)

 sys/kern/p1003_1b.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 6 commit-hook freebsd_committer freebsd_triage 2024-02-20 08:28:51 UTC
A commit in branch stable/14 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=0f0bf1e880c6854859a6e8c2ad97b46a688ee025

commit 0f0bf1e880c6854859a6e8c2ad97b46a688ee025
Author:     Florian Walpen <dev@submerge.ch>
AuthorDate: 2024-02-14 13:50:44 +0000
Commit:     Olivier Certner <olce@FreeBSD.org>
CommitDate: 2024-02-20 08:27:08 +0000

    sched_setscheduler(2): Change realtime privilege check

    Check for privilege PRIV_SCHED_SETPOLICY instead of PRIV_SCHED_SET, to
    at least make it coherent with what is done at thread creation when
    a realtime policy is requested, and have users authorized by
    mac_priority(4) pass it.

    This change is good enough in practice since it only allows 'root' (as
    before) and mac_priority(4)'s authorized users in (the point of this
    change), without other side effects.  More changes in this area, to
    generally ensure that all privilege checks are consistent, are going to
    come as olce's priority revamp project lands.

    (olce: Expanded the explanations.)

    PR:                     276962
    Reported by:            jbeich
    Reviewed by:            olce
    Approved by:            emaste (mentor)
    MFC after:              3 days
    Differential Revision:  https://reviews.freebsd.org/D43835

    (cherry picked from commit 2198221bd9df0ceb69945120bc477309a5729241)

    Approved by:            markj (mentor)

 sys/kern/p1003_1b.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)