aboutsummaryrefslogtreecommitdiff
path: root/sys/security
diff options
context:
space:
mode:
authorFlorian Walpen <dev@submerge.ch>2021-12-10 01:35:38 +0000
committerKonstantin Belousov <kib@FreeBSD.org>2021-12-10 02:54:48 +0000
commita9545eede43b8fac889f3ec3180f5917f0d0b0ea (patch)
treea30eab96d7ed80b8f9417fe7c52ea473e55e4e69 /sys/security
parenta20a2450cd5f38fb28d5fa5540177edfb60d2473 (diff)
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/mac_priority/mac_priority.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/sys/security/mac_priority/mac_priority.c b/sys/security/mac_priority/mac_priority.c
index faf9455aa098..5c4db72ca657 100644
--- a/sys/security/mac_priority/mac_priority.c
+++ b/sys/security/mac_priority/mac_priority.c
@@ -44,19 +44,34 @@ static SYSCTL_NODE(_security_mac, OID_AUTO, priority,
static int realtime_enabled = 1;
SYSCTL_INT(_security_mac_priority, OID_AUTO, realtime, CTLFLAG_RWTUN,
&realtime_enabled, 0,
- "Enable realtime policy for group realtime_gid");
+ "Enable realtime priority scheduling for group realtime_gid");
static int realtime_gid = GID_RT_PRIO;
SYSCTL_INT(_security_mac_priority, OID_AUTO, realtime_gid, CTLFLAG_RWTUN,
&realtime_gid, 0,
"Group id of the realtime privilege group");
+static int idletime_enabled = 1;
+SYSCTL_INT(_security_mac_priority, OID_AUTO, idletime, CTLFLAG_RWTUN,
+ &idletime_enabled, 0,
+ "Enable idle priority scheduling for group idletime_gid");
+
+static int idletime_gid = GID_ID_PRIO;
+SYSCTL_INT(_security_mac_priority, OID_AUTO, idletime_gid, CTLFLAG_RWTUN,
+ &idletime_gid, 0,
+ "Group id of the idletime privilege group");
+
static int
priority_priv_grant(struct ucred *cred, int priv)
{
if (priv == PRIV_SCHED_RTPRIO && realtime_enabled &&
groupmember(realtime_gid, cred))
return (0);
+
+ if (priv == PRIV_SCHED_IDPRIO && idletime_enabled &&
+ groupmember(idletime_gid, cred))
+ return (0);
+
return (EPERM);
}
generated by cgit v1.3 (git 2.53.0) at 2026-05-30 03:49:44 +0000