diff --git a/share/examples/secmodel/secmodel_example.c b/share/examples/secmodel/secmodel_example.c index 1ada365499f6..8e40dcf01430 100644 --- a/share/examples/secmodel/secmodel_example.c +++ b/share/examples/secmodel/secmodel_example.c @@ -1,4 +1,4 @@ -/* $NetBSD: secmodel_example.c,v 1.23 2008/02/16 16:39:34 elad Exp $ */ +/* $NetBSD: secmodel_example.c,v 1.24 2008/02/28 16:09:18 elad Exp $ */ /* * This file is placed in the public domain. @@ -13,7 +13,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.23 2008/02/16 16:39:34 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.24 2008/02/28 16:09:18 elad Exp $"); #include #include @@ -264,8 +264,6 @@ secmodel_example_process_cb(kauth_cred_t cred, kauth_action_t action, case KAUTH_PROCESS_KEVENT_FILTER: case KAUTH_PROCESS_NICE: case KAUTH_PROCESS_RLIMIT: - case KAUTH_PROCESS_SCHEDULER_GET: - case KAUTH_PROCESS_SCHEDULER_SET: case KAUTH_PROCESS_SCHEDULER_GETAFFINITY: case KAUTH_PROCESS_SCHEDULER_SETAFFINITY: case KAUTH_PROCESS_SCHEDULER_GETPARAM: diff --git a/share/man/man9/kauth.9 b/share/man/man9/kauth.9 index 46a172428f4e..73918de882f4 100644 --- a/share/man/man9/kauth.9 +++ b/share/man/man9/kauth.9 @@ -1,4 +1,4 @@ -.\" $NetBSD: kauth.9,v 1.68 2008/02/16 16:39:34 elad Exp $ +.\" $NetBSD: kauth.9,v 1.69 2008/02/28 16:09:18 elad Exp $ .\" .\" Copyright (c) 2005, 2006 Elad Efrat .\" All rights reserved. @@ -25,7 +25,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 16, 2008 +.Dd February 28, 2008 .Dt KAUTH 9 .Os .Sh NAME @@ -422,18 +422,14 @@ indicates the class of information being viewed, and can either of .Dv KAUTH_REQ_PROCESS_CANSEE_ENV , or .Dv KAUTH_REQ_PROCESS_CANSEE_OPENFILES . -.It Dv KAUTH_PROCESS_SCHEDULER_GET -Checks whether viewing the scheduler policy is allowed. -.It Dv KAUTH_PROCESS_SCHEDULER_SET -Checks whether setting the scheduler policy (class) is allowed. .It Dv KAUTH_PROCESS_SCHEDULER_GETAFFINITY Checks whether viewing the scheduler affinity is allowed. .It Dv KAUTH_PROCESS_SCHEDULER_SETAFFINITY Checks whether setting the scheduler affinity is allowed. .It Dv KAUTH_PROCESS_SCHEDULER_GETPARAMS -Checks whether viewing scheduler parameters is allowed. +Checks whether viewing the scheduler policy and parameters is allowed. .It Dv KAUTH_PROCESS_SCHEDULER_SETPARAMS -Checks whether modifying scheduler parameters is allowed. +Checks whether modifying the scheduler policy and parameters is allowed. .It Dv KAUTH_PROCESS_SIGNAL Checks whether an object with one set of credentials can post signals to another process. diff --git a/sys/compat/freebsd/freebsd_sched.c b/sys/compat/freebsd/freebsd_sched.c index 775def3c73e9..a26938c91c87 100644 --- a/sys/compat/freebsd/freebsd_sched.c +++ b/sys/compat/freebsd/freebsd_sched.c @@ -1,4 +1,4 @@ -/* $NetBSD: freebsd_sched.c,v 1.16 2008/02/16 16:39:35 elad Exp $ */ +/* $NetBSD: freebsd_sched.c,v 1.17 2008/02/28 16:09:19 elad Exp $ */ /*- * Copyright (c) 1999 The NetBSD Foundation, Inc. @@ -42,7 +42,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: freebsd_sched.c,v 1.16 2008/02/16 16:39:35 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: freebsd_sched.c,v 1.17 2008/02/28 16:09:19 elad Exp $"); #include #include @@ -64,6 +64,79 @@ freebsd_sys_yield(struct lwp *l, const void *v, register_t *retval) return 0; } +/* + * XXX: Needs adjustment to do a proper conversion. + */ +static int +sched_freebsd2native(int freebsd_policy, + struct freebsd_sched_param *freebsd_params, int *native_policy, + struct sched_param *native_params) +{ + int error; + + error = 0; + + switch (freebsd_policy) { + case FREEBSD_SCHED_OTHER: + *native_policy = SCHED_OTHER; + break; + + case FREEBSD_SCHED_FIFO: + *native_policy = SCHED_FIFO; + break; + + case FREEBSD_SCHED_RR: + *native_policy = SCHED_RR; + break; + + default: + error = EINVAL; + break; + } + + if (freebsd_params != NULL && native_params != NULL && !error) { + native_params = (struct sched_param *)freebsd_params; + } + + return (error) +} + +/* + * XXX: Needs adjustment to do a proper conversion. + */ +static int +sched_native2freebsd(int native_policy, struct sched_param *native_params, + int *freebsd_policy, struct freebsd_sched_param *freebsd_params) +{ + int error; + + error = 0; + + switch (native_policy) { + case SCHED_OTHER: + *freebsd_policy = FREEBSD_SCHED_OTHER; + break; + + case SCHED_FIFO: + *freebsd_policy = FREEBSD_SCHED_FIFO; + break; + + case SCHED_RR: + *freebsd_policy = FREEBSD_SCHED_RR; + break; + + default: + error = EINVAL; + break; + } + + if (native_params != NULL && freebsd_params != NULL && !error) { + freebsd_params = (struct freebsd_sched_param *)native_params; + } + + return (error) +} + int freebsd_sys_sched_setparam(struct lwp *l, const struct freebsd_sys_sched_setparam_args *uap, register_t *retval) { @@ -71,29 +144,36 @@ freebsd_sys_sched_setparam(struct lwp *l, const struct freebsd_sys_sched_setpara syscallarg(pid_t) pid; syscallarg(const struct freebsd_sched_param *) sp; } */ - int error; + int error, policy; struct freebsd_sched_param lp; - struct proc *p; + struct sched_param sp; - /* - * We only check for valid parameters and return afterwards. - */ - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; + } error = copyin(SCARG(uap, sp), &lp, sizeof(lp)); if (error) - return error; + goto out; - mutex_enter(&proclist_lock); - p = p_find(SCARG(uap, pid), PFIND_LOCKED | PFIND_UNLOCK_FAIL); - if (p == NULL) - error = ESRCH; - else - error = kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_SETPARAM, p, NULL, NULL, NULL); - mutex_exit(&proclist_lock); + /* We need the current policy in FreeBSD terms. */ + error = do_sched_getparam(SCARG(uap, pid), 0, &policy, NULL); + if (error) + goto out; + error = sched_native2freebsd(policy, NULL, &policy, NULL); + if (error) + goto out; + error = sched_freebsd2native(policy, &lp, &policy, &sp); + if (error) + goto out; + + error = do_sched_setparam(SCARG(uap, pid), 0, policy, &sp); + if (error) + goto out; + + out: return error; } @@ -105,30 +185,28 @@ freebsd_sys_sched_getparam(struct lwp *l, const struct freebsd_sys_sched_getpara syscallarg(struct freebsd_sched_param *) sp; } */ struct freebsd_sched_param lp; + struct sched_param sp; int error; - struct proc *p; - /* - * We only check for valid parameters and return a dummy - * priority afterwards. - */ - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; - - mutex_enter(&proclist_lock); - p = p_find(SCARG(uap, pid), PFIND_LOCKED | PFIND_UNLOCK_FAIL); - if (p == NULL) - error = ESRCH; - else - error = kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_GETPARAM, p, NULL, NULL, NULL); - mutex_exit(&proclist_lock); + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; + } + error = do_sched_getparam(SCARG(uap, pid), 0, NULL, &sp); if (error) - return error; + goto out; - lp.sched_priority = 0; - return copyout(&lp, SCARG(uap, sp), sizeof(lp)); + error = sched_native2freebsd(0, &sp, NULL, &lp); + if (error) + goto out; + + error = copyout(&lp, SCARG(uap, sp), sizeof(lp)); + if (error) + goto out; + + out: + return (error); } int @@ -139,39 +217,29 @@ freebsd_sys_sched_setscheduler(struct lwp *l, const struct freebsd_sys_sched_set syscallarg(int) policy; syscallarg(cont struct freebsd_sched_scheduler *) sp; } */ - int error; + int error, policy; struct freebsd_sched_param lp; - struct proc *p; + struct sched_param sp; - /* - * We only check for valid parameters and return afterwards. - */ - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; + } error = copyin(SCARG(uap, sp), &lp, sizeof(lp)); if (error) - return error; - - mutex_enter(&proclist_lock); - p = p_find(SCARG(uap, pid), PFIND_LOCKED | PFIND_UNLOCK_FAIL); - if (p == NULL) - error = ESRCH; - else - error = kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_SET, p, NULL, NULL, NULL); - mutex_exit(&proclist_lock); + goto out; + error = sched_freebsd2native(SCARG(uap, policy), &lp, &policy, &sp); if (error) - return error; + goto out; - /* - * We can't emulate anything put the default scheduling policy. - */ - if (SCARG(uap, policy) != FREEBSD_SCHED_OTHER || lp.sched_priority != 0) - return EINVAL; + error = do_sched_setparam(SCARG(uap, pid), 0, policy, &sp); + if (error) + goto out; - return 0; + out: + return error; } int @@ -180,31 +248,22 @@ freebsd_sys_sched_getscheduler(struct lwp *l, const struct freebsd_sys_sched_get /* { syscallarg(pid_t) pid; } */ - int error; - struct proc *p; + int error, policy; *retval = -1; - /* - * We only check for valid parameters and return afterwards. - */ - mutex_enter(&proclist_lock); - p = p_find(SCARG(uap, pid), PFIND_LOCKED | PFIND_UNLOCK_FAIL); - if (p == NULL) - error = ESRCH; - else - error = kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_GET, p, NULL, NULL, NULL); - mutex_exit(&proclist_lock); - + error = do_sched_getparam(l, SCARG(uap, pid), 0, &policy, NULL); if (error) - return error; + goto out; - /* - * We can't emulate anything put the default scheduling policy. - */ - *retval = FREEBSD_SCHED_OTHER; - return 0; + error = sched_native2freebsd(policy, NULL, &policy, NULL); + if (error) + goto out; + + *retval = policy; + + out: + return error; } int diff --git a/sys/compat/linux/common/linux_sched.c b/sys/compat/linux/common/linux_sched.c index c5915a0efc25..76360ce308e5 100644 --- a/sys/compat/linux/common/linux_sched.c +++ b/sys/compat/linux/common/linux_sched.c @@ -1,4 +1,4 @@ -/* $NetBSD: linux_sched.c,v 1.48 2008/02/16 16:39:35 elad Exp $ */ +/* $NetBSD: linux_sched.c,v 1.49 2008/02/28 16:09:18 elad Exp $ */ /*- * Copyright (c) 1999 The NetBSD Foundation, Inc. @@ -42,7 +42,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: linux_sched.c,v 1.48 2008/02/16 16:39:35 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: linux_sched.c,v 1.49 2008/02/28 16:09:18 elad Exp $"); #include #include @@ -141,6 +141,121 @@ linux_sys_clone(struct lwp *l, const struct linux_sys_clone_args *uap, register_ return 0; } +/* + * linux realtime priority + * + * - SCHED_RR and SCHED_FIFO tasks have priorities [1,99]. + * + * - SCHED_OTHER tasks don't have realtime priorities. + * in particular, sched_param::sched_priority is always 0. + */ + +#define LINUX_SCHED_RTPRIO_MIN 1 +#define LINUX_SCHED_RTPRIO_MAX 99 + +static int +sched_linux2native(int linux_policy, struct linux_sched_param *linux_params, + int *native_policy, struct sched_param *native_params) +{ + + switch (linux_policy) { + case LINUX_SCHED_OTHER: + if (native_policy != NULL) { + *native_policy = SCHED_OTHER; + } + break; + + case LINUX_SCHED_FIFO: + if (native_policy != NULL) { + *native_policy = SCHED_FIFO; + } + break; + + case LINUX_SCHED_RR: + if (native_policy != NULL) { + *native_policy = SCHED_RR; + } + break; + + default: + return EINVAL; + } + + if (linux_params != NULL) { + int prio = linux_params->sched_priority; + + KASSERT(native_params != NULL); + + if (linux_policy == LINUX_SCHED_OTHER) { + if (prio != 0) { + return EINVAL; + } + native_params->sched_priority = PRI_NONE; /* XXX */ + } else { + if (prio < LINUX_SCHED_RTPRIO_MIN || + prio > LINUX_SCHED_RTPRIO_MAX) { + return EINVAL; + } + native_params->sched_priority = + (prio - LINUX_SCHED_RTPRIO_MIN) + * (SCHED_PRI_MAX - SCHED_PRI_MIN) + / (LINUX_SCHED_RTPRIO_MAX - LINUX_SCHED_RTPRIO_MIN) + + SCHED_PRI_MIN; + } + } + + return 0; +} + +static int +sched_native2linux(int native_policy, struct sched_param *native_params, + int *linux_policy, struct linux_sched_param *linux_params) +{ + + switch (native_policy) { + case SCHED_OTHER: + if (linux_policy != NULL) { + *linux_policy = LINUX_SCHED_OTHER; + } + break; + + case SCHED_FIFO: + if (linux_policy != NULL) { + *linux_policy = LINUX_SCHED_FIFO; + } + break; + + case SCHED_RR: + if (linux_policy != NULL) { + *linux_policy = LINUX_SCHED_RR; + } + break; + + default: + panic("%s: unknown policy %d\n", __func__, native_policy); + } + + if (native_params != NULL) { + int prio = native_params->sched_priority; + + KASSERT(prio >= SCHED_PRI_MIN); + KASSERT(prio <= SCHED_PRI_MAX); + KASSERT(linux_params != NULL); + + if (native_policy == SCHED_OTHER) { + linux_params->sched_priority = 0; + } else { + linux_params->sched_priority = + (prio - SCHED_PRI_MIN) + * (LINUX_SCHED_RTPRIO_MAX - LINUX_SCHED_RTPRIO_MIN) + / (SCHED_PRI_MAX - SCHED_PRI_MIN) + + LINUX_SCHED_RTPRIO_MIN; + } + } + + return 0; +} + int linux_sys_sched_setparam(struct lwp *l, const struct linux_sys_sched_setparam_args *uap, register_t *retval) { @@ -148,31 +263,37 @@ linux_sys_sched_setparam(struct lwp *l, const struct linux_sys_sched_setparam_ar syscallarg(linux_pid_t) pid; syscallarg(const struct linux_sched_param *) sp; } */ - int error; + int error, policy; struct linux_sched_param lp; - struct proc *p; + struct sched_param sp; -/* - * We only check for valid parameters and return afterwards. - */ - - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; + } error = copyin(SCARG(uap, sp), &lp, sizeof(lp)); if (error) - return error; + goto out; - if (SCARG(uap, pid) != 0) { - if ((p = pfind(SCARG(uap, pid))) == NULL) - return ESRCH; + /* We need the current policy in Linux terms. */ + error = do_sched_getparam(SCARG(uap, pid), 0, &policy, NULL); + if (error) + goto out; + error = sched_native2linux(policy, NULL, &policy, NULL); + if (error) + goto out; - if (kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_SETPARAM, p, NULL, NULL, NULL) != 0) - return EPERM; - } + error = sched_linux2native(policy, &lp, &policy, &sp); + if (error) + goto out; - return 0; + error = do_sched_setparam(SCARG(uap, pid), 0, policy, &sp); + if (error) + goto out; + + out: + return error; } int @@ -182,26 +303,29 @@ linux_sys_sched_getparam(struct lwp *l, const struct linux_sys_sched_getparam_ar syscallarg(linux_pid_t) pid; syscallarg(struct linux_sched_param *) sp; } */ - struct proc *p; struct linux_sched_param lp; + struct sched_param sp; + int error; -/* - * We only check for valid parameters and return a dummy priority afterwards. - */ - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; - - if (SCARG(uap, pid) != 0) { - if ((p = pfind(SCARG(uap, pid))) == NULL) - return ESRCH; - - if (kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_GETPARAM, p, NULL, NULL, NULL) != 0) - return EPERM; + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; } - lp.sched_priority = 0; - return copyout(&lp, SCARG(uap, sp), sizeof(lp)); + error = do_sched_getparam(SCARG(uap, pid), 0, NULL, &sp); + if (error) + goto out; + + error = sched_native2linux(0, &sp, NULL, &lp); + if (error) + goto out; + + error = copyout(&lp, SCARG(uap, sp), sizeof(lp)); + if (error) + goto out; + + out: + return error; } int @@ -212,38 +336,29 @@ linux_sys_sched_setscheduler(struct lwp *l, const struct linux_sys_sched_setsche syscallarg(int) policy; syscallarg(cont struct linux_sched_scheduler *) sp; } */ - int error; + int error, policy; struct linux_sched_param lp; - struct proc *p; + struct sched_param sp; -/* - * We only check for valid parameters and return afterwards. - */ - - if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) - return EINVAL; + if (SCARG(uap, pid) < 0 || SCARG(uap, sp) == NULL) { + error = EINVAL; + goto out; + } error = copyin(SCARG(uap, sp), &lp, sizeof(lp)); if (error) - return error; + goto out; - if (SCARG(uap, pid) != 0) { - if ((p = pfind(SCARG(uap, pid))) == NULL) - return ESRCH; + error = sched_linux2native(SCARG(uap, policy), &lp, &policy, &sp); + if (error) + goto out; - if (kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_SET, p, NULL, NULL, NULL) != 0) - return EPERM; - } + error = do_sched_setparam(SCARG(uap, pid), 0, policy, &sp); + if (error) + goto out; - return 0; -/* - * We can't emulate anything put the default scheduling policy. - */ - if (SCARG(uap, policy) != LINUX_SCHED_OTHER || lp.sched_priority != 0) - return EINVAL; - - return 0; + out: + return error; } int @@ -252,27 +367,22 @@ linux_sys_sched_getscheduler(struct lwp *l, const struct linux_sys_sched_getsche /* { syscallarg(linux_pid_t) pid; } */ - struct proc *p; + int error, policy; *retval = -1; -/* - * We only check for valid parameters and return afterwards. - */ - if (SCARG(uap, pid) != 0) { - if ((p = pfind(SCARG(uap, pid))) == NULL) - return ESRCH; + error = do_sched_getparam(SCARG(uap, pid), 0, &policy, NULL); + if (error) + goto out; - if (kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_GET, p, NULL, NULL, NULL) != 0) - return EPERM; - } + error = sched_native2linux(policy, NULL, &policy, NULL); + if (error) + goto out; -/* - * We can't emulate anything put the default scheduling policy. - */ - *retval = LINUX_SCHED_OTHER; - return 0; + *retval = policy; + + out: + return error; } int diff --git a/sys/kern/sys_sched.c b/sys/kern/sys_sched.c index 01d4e78fb475..882ee4f5bf3b 100644 --- a/sys/kern/sys_sched.c +++ b/sys/kern/sys_sched.c @@ -1,4 +1,4 @@ -/* $NetBSD: sys_sched.c,v 1.17 2008/02/22 23:10:12 ad Exp $ */ +/* $NetBSD: sys_sched.c,v 1.18 2008/02/28 16:09:19 elad Exp $ */ /* * Copyright (c) 2008, Mindaugas Rasiukevicius @@ -35,7 +35,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sys_sched.c,v 1.17 2008/02/22 23:10:12 ad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sys_sched.c,v 1.18 2008/02/28 16:09:19 elad Exp $"); #include @@ -95,35 +95,19 @@ convert_pri(lwp_t *l, int policy, pri_t pri) return l->l_class; } -/* - * Set scheduling parameters. - */ int -sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, - register_t *retval) +do_sched_setparam(pid_t pid, lwpid_t lid, int policy, + const struct sched_param *params) { - /* { - syscallarg(pid_t) pid; - syscallarg(lwpid_t) lid; - syscallarg(int) policy; - syscallarg(const struct sched_param *) params; - } */ - struct sched_param param; struct proc *p; struct lwp *t; - lwpid_t lid; - u_int lcnt; - int policy; pri_t pri; + u_int lcnt; int error; - /* Get the parameters from the user-space */ - error = copyin(SCARG(uap, params), ¶m, sizeof(param)); - if (error) { - return error; - } - pri = param.sched_priority; - policy = SCARG(uap, policy); + error = 0; + + pri = params->sched_priority; /* If no parameters specified, just return (this should not happen) */ if (pri == PRI_NONE && policy == SCHED_NONE) @@ -137,9 +121,9 @@ sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, if (pri != PRI_NONE && (pri < SCHED_PRI_MIN || pri > SCHED_PRI_MAX)) return EINVAL; - if (SCARG(uap, pid) != 0) { + if (pid != 0) { /* Find the process */ - p = p_find(SCARG(uap, pid), PFIND_UNLOCK_FAIL); + p = p_find(pid, PFIND_UNLOCK_FAIL); if (p == NULL) return ESRCH; mutex_enter(&p->p_smutex); @@ -151,13 +135,12 @@ sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, } } else { /* Use the calling process */ - p = l->l_proc; + p = curlwp->l_proc; mutex_enter(&p->p_smutex); } /* Find the LWP(s) */ lcnt = 0; - lid = SCARG(uap, lid); LIST_FOREACH(t, &p->p_lwps, l_sibling) { pri_t kpri; int lpolicy; @@ -180,7 +163,7 @@ sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, kpri = convert_pri(t, lpolicy, pri); /* Check the permission */ - error = kauth_authorize_process(l->l_cred, + error = kauth_authorize_process(kauth_cred_get(), KAUTH_PROCESS_SCHEDULER_SETPARAM, p, t, KAUTH_ARG(lpolicy), KAUTH_ARG(kpri)); if (error) { @@ -202,6 +185,81 @@ sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, return (lcnt == 0) ? ESRCH : error; } +/* + * Set scheduling parameters. + */ +int +sys__sched_setparam(struct lwp *l, const struct sys__sched_setparam_args *uap, + register_t *retval) +{ + /* { + syscallarg(pid_t) pid; + syscallarg(lwpid_t) lid; + syscallarg(int) policy; + syscallarg(const struct sched_param *) params; + } */ + struct sched_param params; + int error; + + /* Get the parameters from the user-space */ + error = copyin(SCARG(uap, params), ¶ms, sizeof(params)); + if (error) + goto out; + + error = do_sched_setparam(SCARG(uap, pid), SCARG(uap, lid), + SCARG(uap, policy), ¶ms); + + out: + return (error); +} + +int +do_sched_getparam(pid_t pid, lwpid_t lid, int *policy, + struct sched_param *params) +{ + struct sched_param lparams; + struct lwp *t; + int error, lpolicy; + + /* Locks the LWP */ + t = lwp_find2(pid, lid); + if (t == NULL) { + error = ESRCH; + goto out; + } + + /* Check the permission */ + error = kauth_authorize_process(kauth_cred_get(), + KAUTH_PROCESS_SCHEDULER_GETPARAM, t->l_proc, NULL, NULL, NULL); + if (error != 0) { + lwp_unlock(t); + goto out; + } + + lparams.sched_priority = t->l_priority; + lpolicy = t->l_class; + lwp_unlock(t); + + switch (lpolicy) { + case SCHED_OTHER: + lparams.sched_priority -= PRI_USER; + break; + case SCHED_RR: + case SCHED_FIFO: + lparams.sched_priority -= PRI_USER_RT; + break; + } + + if (policy != NULL) + *policy = lpolicy; + + if (params != NULL) + *params = lparams; + + out: + return error; +} + /* * Get scheduling parameters. */ @@ -215,40 +273,20 @@ sys__sched_getparam(struct lwp *l, const struct sys__sched_getparam_args *uap, syscallarg(int *) policy; syscallarg(struct sched_param *) params; } */ - struct sched_param param; - struct lwp *t; + struct sched_param params; int error, policy; - /* Locks the LWP */ - t = lwp_find2(SCARG(uap, pid), SCARG(uap, lid)); - if (t == NULL) - return ESRCH; + error = do_sched_getparam(SCARG(uap, pid), SCARG(uap, lid), &policy, + ¶ms); + if (error) + goto out; - /* Check the permission */ - error = kauth_authorize_process(l->l_cred, - KAUTH_PROCESS_SCHEDULER_GETPARAM, t->l_proc, NULL, NULL, NULL); - if (error != 0) { - lwp_unlock(t); - return error; - } - - param.sched_priority = t->l_priority; - policy = t->l_class; - lwp_unlock(t); - - switch (policy) { - case SCHED_OTHER: - param.sched_priority -= PRI_USER; - break; - case SCHED_RR: - case SCHED_FIFO: - param.sched_priority -= PRI_USER_RT; - break; - } - error = copyout(¶m, SCARG(uap, params), sizeof(param)); + error = copyout(¶ms, SCARG(uap, params), sizeof(params)); if (error == 0 && SCARG(uap, policy) != NULL) error = copyout(&policy, SCARG(uap, policy), sizeof(int)); - return error; + + out: + return (error); } /* diff --git a/sys/secmodel/bsd44/secmodel_bsd44_suser.c b/sys/secmodel/bsd44/secmodel_bsd44_suser.c index ff18e6a5a215..5b3b3940da0f 100644 --- a/sys/secmodel/bsd44/secmodel_bsd44_suser.c +++ b/sys/secmodel/bsd44/secmodel_bsd44_suser.c @@ -1,4 +1,4 @@ -/* $NetBSD: secmodel_bsd44_suser.c,v 1.54 2008/02/27 21:59:26 elad Exp $ */ +/* $NetBSD: secmodel_bsd44_suser.c,v 1.55 2008/02/28 16:09:19 elad Exp $ */ /*- * Copyright (c) 2006 Elad Efrat * All rights reserved. @@ -38,7 +38,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.54 2008/02/27 21:59:26 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.55 2008/02/28 16:09:19 elad Exp $"); #include #include @@ -689,8 +689,6 @@ secmodel_bsd44_suser_process_cb(kauth_cred_t cred, kauth_action_t action, break; } - case KAUTH_PROCESS_SCHEDULER_GET: - case KAUTH_PROCESS_SCHEDULER_SET: case KAUTH_PROCESS_SCHEDULER_GETPARAM: if (isroot || kauth_cred_uidmatch(cred, p->p_cred)) result = KAUTH_RESULT_ALLOW; diff --git a/sys/sys/kauth.h b/sys/sys/kauth.h index e404220e9c06..fa7b6eb1840a 100644 --- a/sys/sys/kauth.h +++ b/sys/sys/kauth.h @@ -1,4 +1,4 @@ -/* $NetBSD: kauth.h,v 1.50 2008/02/16 16:39:34 elad Exp $ */ +/* $NetBSD: kauth.h,v 1.51 2008/02/28 16:09:19 elad Exp $ */ /*- * Copyright (c) 2005, 2006 Elad Efrat @@ -138,8 +138,6 @@ enum { KAUTH_PROCESS_PROCFS, KAUTH_PROCESS_PTRACE, KAUTH_PROCESS_RLIMIT, - KAUTH_PROCESS_SCHEDULER_GET, - KAUTH_PROCESS_SCHEDULER_SET, KAUTH_PROCESS_SCHEDULER_GETAFFINITY, KAUTH_PROCESS_SCHEDULER_SETAFFINITY, KAUTH_PROCESS_SCHEDULER_GETPARAM, diff --git a/sys/sys/sched.h b/sys/sys/sched.h index c0047e47de27..a431e469d6e3 100644 --- a/sys/sys/sched.h +++ b/sys/sys/sched.h @@ -1,4 +1,4 @@ -/* $NetBSD: sched.h,v 1.48 2008/02/14 14:26:58 ad Exp $ */ +/* $NetBSD: sched.h,v 1.49 2008/02/28 16:09:19 elad Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2002, 2007 The NetBSD Foundation, Inc. @@ -253,5 +253,8 @@ int mi_switch(struct lwp *); void resched_cpu(struct lwp *); void updatertime(lwp_t *, const struct bintime *); +int do_sched_setparam(pid_t, lwpid_t, int, const struct sched_param *); +int do_sched_getparam(pid_t, lwpid_t, int *, struct sched_param *); + #endif /* _KERNEL */ #endif /* _SYS_SCHED_H_ */