From: Konstantin Belousov
Date: Sun, 19 Dec 2021 02:44:37 GMT
Message-Id: <202112190244.1BJ2ibJ3012787@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject: git: 30c3a5f24825 - stable/13 - Add idle priority scheduling privilege group to MAC/priority
List-Id: Commits to the stable branches of the FreeBSD src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
X-Git-Committer: kib
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 30c3a5f24825a8180ec18adb2921457436b3eb08

The branch stable/13 has been updated by kib:

URL:
https://cgit.FreeBSD.org/src/commit/?id=30c3a5f24825a8180ec18adb2921457436b3eb08 commit 30c3a5f24825a8180ec18adb2921457436b3eb08 Author: Florian Walpen AuthorDate: 2021-12-10 01:35:38 +0000 Commit: Konstantin Belousov CommitDate: 2021-12-19 02:42:51 +0000 Add idle priority scheduling privilege group to MAC/priority (cherry picked from commit a9545eede43b8fac889f3ec3180f5917f0d0b0ea) --- etc/group | 1 + lib/libc/sys/rtprio.2 | 18 +++++++++--------- share/man/man4/mac_priority.4 | 30 ++++++++++++++++++++++++++---- sys/kern/kern_resource.c | 3 ++- sys/security/mac_priority/mac_priority.c | 17 ++++++++++++++++- sys/sys/conf.h | 1 + usr.sbin/rtprio/rtprio.1 | 13 ++++++++----- 7 files changed, 63 insertions(+), 20 deletions(-) diff --git a/etc/group b/etc/group index 9986f1e2ed69..2a24f55303ca 100644 --- a/etc/group +++ b/etc/group @@ -19,6 +19,7 @@ mailnull:*:26: guest:*:31: video:*:44: realtime:*:47: +idletime:*:48: bind:*:53: unbound:*:59: proxy:*:62: diff --git a/lib/libc/sys/rtprio.2 b/lib/libc/sys/rtprio.2 index 37a66ec79ddf..650e841b1075 100644 --- a/lib/libc/sys/rtprio.2 +++ b/lib/libc/sys/rtprio.2 @@ -53,7 +53,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 29, 2021 +.Dd December 8, 2021 .Dt RTPRIO 2 .Os .Sh NAME 
@@ -167,19 +167,19 @@ The specified .Fa prio was out of range. .It Bq Er EPERM -The calling thread is not allowed to set the realtime priority. +The calling thread is not allowed to set the priority. Only -root is allowed to change the realtime priority of any thread, -exceptional privileges can be granted through the +root is allowed to change the realtime or idle priority of any thread. +Exceptional privileges can be granted through the .Xr mac_priority 4 -policy and the realtime user group. -Non-root -may only change the idle priority of threads the user owns, -when the +policy and the realtime and idletime user groups. +The .Xr sysctl 8 variable .Va security.bsd.unprivileged_idprio -is set to non-zero. +is deprecated. +If set to non-zero, it lets any user change the idle priority of threads +they own. .It Bq Er ESRCH The specified process or thread was not found or visible. .El diff --git a/share/man/man4/mac_priority.4 b/share/man/man4/mac_priority.4 index 3d9df723def9..6dfb937d1596 100644 --- a/share/man/man4/mac_priority.4 +++ b/share/man/man4/mac_priority.4 @@ -21,7 +21,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd November 29, 2021 +.Dd December 7, 2021 .Dt MAC_PRIORITY 4 .Os .Sh NAME @@ -56,6 +56,10 @@ Users or processes in the group .Sq realtime (gid 47) are allowed to run threads and processes with realtime scheduling priority. +Users or processes in the group +.Sq idletime +(gid 48) are allowed to run threads and processes with idle scheduling +priority. .Pp With the .Nm 
@@ -66,11 +70,22 @@ Privileged applications can promote threads and processes to realtime priority through the .Xr rtprio 2 system calls. +.Pp +When the idletime policy is active, privileged users may use the +.Xr idprio 1 +utility to start processes with idle priority. +Privileged applications can demote threads and processes to idle +priority through the +.Xr rtprio 2 +system calls. .Ss Privileges Granted -The kernel privilege granted to any process running -with the configured realtime group gid is: -.Bl -inset -compact -offset indent +The kernel privileges granted to any process running +with the corresponding group gid is: +.Bl -tag -width ".Dv PRIV_SCHED_RTPRIO" -offset indent .It Dv PRIV_SCHED_RTPRIO +If it is a member of the realtime group. +.It Dv PRIV_SCHED_IDPRIO +If it is a member of the idletime group. .El .Ss Runtime Configuration The following @@ -89,8 +104,15 @@ Enable the realtime policy. .It Va security.mac.priority.realtime_gid The numeric gid of the realtime group. (Default: 47). +.It Va security.mac.priority.idletime +Enable the idletime policy. +(Default: 1). +.It Va security.mac.priority.idletime_gid +The numeric gid of the idletime group. +(Default: 48). .El .Sh SEE ALSO +.Xr idprio 1 , .Xr rtprio 1 , .Xr rtprio 2 , .Xr mac 4 diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index 1cb6cc2a36fd..0ea863917727 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -284,7 +284,8 @@ donice(struct thread *td, struct proc *p, int n) static int unprivileged_idprio; SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_idprio, CTLFLAG_RW, - &unprivileged_idprio, 0, "Allow non-root users to set an idle priority"); + &unprivileged_idprio, 0, + "Allow non-root users to set an idle priority (deprecated)"); /* * Set realtime priority for LWP. diff --git a/sys/security/mac_priority/mac_priority.c b/sys/security/mac_priority/mac_priority.c index faf9455aa098..5c4db72ca657 100644 --- a/sys/security/mac_priority/mac_priority.c 
+++ b/sys/security/mac_priority/mac_priority.c @@ -44,19 +44,34 @@ static SYSCTL_NODE(_security_mac, OID_AUTO, priority, static int realtime_enabled = 1; SYSCTL_INT(_security_mac_priority, OID_AUTO, realtime, CTLFLAG_RWTUN, &realtime_enabled, 0, - "Enable realtime policy for group realtime_gid"); + "Enable realtime priority scheduling for group realtime_gid"); static int realtime_gid = GID_RT_PRIO; SYSCTL_INT(_security_mac_priority, OID_AUTO, realtime_gid, CTLFLAG_RWTUN, &realtime_gid, 0, "Group id of the realtime privilege group"); +static int idletime_enabled = 1; +SYSCTL_INT(_security_mac_priority, OID_AUTO, idletime, CTLFLAG_RWTUN, + &idletime_enabled, 0, + "Enable idle priority scheduling for group idletime_gid"); + +static int idletime_gid = GID_ID_PRIO; +SYSCTL_INT(_security_mac_priority, OID_AUTO, idletime_gid, CTLFLAG_RWTUN, + &idletime_gid, 0, + "Group id of the idletime privilege group"); + static int priority_priv_grant(struct ucred *cred, int priv) { if (priv == PRIV_SCHED_RTPRIO && realtime_enabled && groupmember(realtime_gid, cred)) return (0); + + if (priv == PRIV_SCHED_IDPRIO && idletime_enabled && + groupmember(idletime_gid, cred)) + return (0); + return (EPERM); } diff --git a/sys/sys/conf.h b/sys/sys/conf.h index 8b10baf3faca..7c9c59e3fcdf 100644 --- a/sys/sys/conf.h +++ b/sys/sys/conf.h @@ -161,6 +161,7 @@ typedef int dumper_hdr_t(struct dumperinfo *di, struct kerneldumpheader *kdh, #define GID_GAMES 13 #define GID_VIDEO 44 #define GID_RT_PRIO 47 +#define GID_ID_PRIO 48 #define GID_DIALER 68 #define GID_NOGROUP 65533 #define GID_NOBODY 65534 diff --git a/usr.sbin/rtprio/rtprio.1 b/usr.sbin/rtprio/rtprio.1 index e6ce855d8561..3f29e87d44f8 100644 --- a/usr.sbin/rtprio/rtprio.1 +++ b/usr.sbin/rtprio/rtprio.1 @@ -30,7 +30,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 29, 2021 +.Dd December 8, 2021 .Dt RTPRIO 1 .Os .Sh NAME 
@@ -115,13 +115,16 @@ of 0 means "the current process". Only root is allowed to set realtime or idle priority for a process. Exceptional privileges can be granted through the .Xr mac_priority 4 -policy and the realtime user group. -A user may modify the idle priority of their own processes if the +policy and the realtime and idletime user groups. +The .Xr sysctl 8 variable .Va security.bsd.unprivileged_idprio -is set to non-zero. -Note that this increases the chance that a deadlock can occur +is deprecated. +If set to non-zero, it lets any user modify the idle priority of processes +they own. +.Pp +Note that idle priority increases the chance that a deadlock can occur if a process locks a required resource and then does not get to run. .Sh EXIT STATUS
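Review bot: (etc/group hunk) the new `idletime:*:48:` line only lands on systems whose etc/group is regenerated or merged; the policy itself matches on the numeric gid (`groupmember(idletime_gid, cred)` with a default of 48), so on an upgraded host that already has some other local group at gid 48, that group's members gain PRIV_SCHED_IDPRIO as soon as mac_priority loads. Worth a sentence in mac_priority.4 telling administrators to check `getent group 48` after upgrading and to override `security.mac.priority.idletime_gid` if it collides.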
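Review bot: (rtprio.2 ERRORS hunk) the rewritten EPERM text says root may change the realtime or idle priority of "any thread" and that the groups grant "exceptional privileges", but it never says whether an idletime member may demote threads owned by other users or only their own; the deprecated-sysctl sentence is explicit about "threads they own", so the contrast invites the question. State the ownership rule for group members, and consider naming the default value of security.bsd.unprivileged_idprio so readers know whether the deprecated path is on.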
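Review bot: (mac_priority.4 "Privileges Granted" hunk) subject-verb disagreement in `The kernel privileges granted to any process running` / `with the corresponding group gid is:`; with the now-plural `privileges` this should read `are:`. The .Bl -tag bodies `If it is a member of the realtime group.` and `If it is a member of the idletime group.` are sentence fragments; `Granted if the process is a member of the realtime group.` (and likewise for idletime) reads cleanly on its own.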
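Review bot: (mac_priority.4 sysctl hunk) `security.mac.priority.idletime` defaults to 1, so the idletime group is live the moment the module loads, with no opt-in; that mirrors the realtime policy, but the man page should say plainly that both policies are enabled by default and that members of gid 48 can lower the priority of their processes without any further configuration. Documenting the interaction with the still-present security.bsd.unprivileged_idprio (which, when non-zero, grants the same ability to every user) would also help an administrator who wants the group to be the only path.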
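Review bot: (kern_resource.c hunk) only the description string gains "(deprecated)"; the knob stays CTLFLAG_RW and, per the rtprio(1) text in this same patch, still lets any user set idle priority on their own processes when non-zero, independent of mac_priority group membership. If the intent is to migrate users to the idletime group, consider a one-time warning when the sysctl is set non-zero (or at boot when the tunable is non-zero), and state in the description or the man pages that security.bsd.unprivileged_idprio must stay 0 for the idletime group to be the only grant path.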
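Review bot: (mac_priority.c hunk) the idletime block duplicates the realtime block line for line; a small table of {priv, enabled flag, gid} walked by priority_priv_grant() would keep the two policies from drifting apart as more are added. Separately, `realtime_gid` and `idletime_gid` are plain `int` sysctls with CTLFLAG_RWTUN and no range check: a negative value is converted to gid_t when passed to `groupmember(idletime_gid, cred)`, and 0 silently selects wheel; a proc handler that rejects values outside the gid range, or at least a note in mac_priority.4, would be worth adding. The rewording of the existing realtime sysctl description in the same hunk is unrelated to the idletime feature and would be cleaner as a separate change.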
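Review bot: (rtprio.1 hunk) the caveat `Note that idle priority increases the chance that a deadlock can occur` / `if a process locks a required resource and then does not get to run.` describes starvation / priority inversion rather than a deadlock in the strict sense; since the wording is being touched anyway, "priority inversion" would be more accurate. Detaching the note from the unprivileged sysctl and applying it to idle priority in general is correct, but it should then say explicitly that the same risk applies to idletime group members, who are now the recommended audience for idprio(1).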