d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a46856c3f9
freebsd-dev/lib/libc/sys
History
Florian Walpen a9545eede4 Add idle priority scheduling privilege group to MAC/priority 
Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC policy in
the mac_priority module. For this purpose, the kernel privilege
PRIV_SCHED_IDPRIO was added to sys/priv.h (kernel module ABI change).

Deprecate the system wide sysctl(8) knob
security.bsd.unprivileged_idprio which lets any user run idle priority
processes, regardless of context. While the knob is still working, it is
marked as deprecated in the description and in the man pages.

MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D33338
2021-12-10 04:54:48 +02:00
..
__error.c
__vdso_gettimeofday.c
_exit.2
_umtx_op.2
abort2.2
accept4.c
accept.2
accept.c
access.2
acct.2
adjtime.2
aio_cancel.2
aio_error.2
aio_fsync.2
aio_mlock.2
aio_read.2
aio_return.2
aio_suspend.2
aio_suspend.c
aio_waitcomplete.2
aio_write.2
bind.2
bindat.2
brk.2
brk.c
cap_enter.2
cap_fcntls_limit.2
cap_ioctls_limit.2
cap_rights_limit.2
chdir.2
chflags.2
chmod.2
chown.2
chroot.2
clock_gettime.2
clock_gettime.c
clock_nanosleep.c
close.2
close.c
closefrom.2
closefrom.c
compat-ino64.h
compat-stub.c
connect.2
connect.c
connectat.2
copy_file_range.2
cpuset_getaffinity.2
cpuset_getdomain.2
cpuset.2
dup.2
eventfd.2
execve.2
extattr_get_file.2
fcntl.2 fcntl(2): be more precise about third arg type 2021-12-07 01:27:38 +02:00
fcntl.c
fdatasync.c
ffclock.2
fhlink.2
fhopen.2
fhreadlink.2
flock.2
fork.2
fork.c
fspacectl.2
fstat.c
fstatat.c
fstatfs.c
fsync.2
fsync.c
getdents.c
getdirentries.2
getdirentries.c
getdtablesize.2
getfh.2
getfsstat.2
getfsstat.c
getgid.2
getgroups.2
getitimer.2
getlogin.2
getloginclass.2
getpeername.2
getpgrp.2
getpid.2
getpriority.2
getrandom.2
getrlimit.2
getrusage.2
getsid.2
getsockname.2
getsockopt.2
gettimeofday.2
gettimeofday.c
getuid.2
interposing_table.c
intro.2
ioctl.2
issetugid.2
jail.2
kenv.2
kevent.c
kill.2
kldfind.2
kldfirstmod.2
kldload.2
kldnext.2
kldstat.2
kldsym.2
kldunload.2
kqueue.2 bpf: Fix the write filter for detached descriptors 2021-10-26 10:00:39 -04:00
ktrace.2
link.2
lio_listio.2
listen.2
lseek.2
lstat.c
madvise.2
Makefile.inc libc: get rid of NO_P1003_1B make variable 2021-12-07 00:21:44 +00:00
mincore.2
minherit.2
mkdir.2
mkfifo.2
mknod.2
mknod.c
mlock.2
mlockall.2
mmap.2
modfind.2
modnext.2
modstat.2
mount.2
mprotect.2
mq_close.2
mq_getattr.2
mq_notify.2
mq_open.2
mq_receive.2
mq_send.2
mq_setattr.2
mq_unlink.2
msgctl.2
msgget.2
msgrcv.2
msgsnd.2
msync.2
msync.c
munmap.2
nanosleep.2
nanosleep.c
nfssvc.2
ntp_adjtime.2
open.2 fexecve(2): allow O_PATH file descriptors opened without O_EXEC 2021-11-03 18:00:42 +02:00
open.c
openat.c
pathconf.2
pdfork.2
pdfork.c
pipe.2
pipe.c
poll.2
poll.c
POSIX2x_Fork.c
posix_fadvise.2
posix_fallocate.2
posix_openpt.2
ppoll.c
procctl.2 procctl: actually require debug privileges over target 2021-10-19 23:04:34 +03:00
profil.2
pselect.2
pselect.c
ptrace.2
ptrace.c
quotactl.2
rctl_add_rule.2
read.2
read.c
readlink.2
readv.c
reboot.2
recv.2
recvfrom.c
recvmsg.c
rename.2
revoke.2
rfork.2
rmdir.2
rtprio.2 Add idle priority scheduling privilege group to MAC/priority 2021-12-10 04:54:48 +02:00
sched_get_priority_max.2
sched_setparam.2
sched_setscheduler.2
sched_yield.2
sctp_generic_recvmsg.2
sctp_generic_sendmsg.2
sctp_peeloff.2
select.2
select.c
semctl.2
semget.2
semop.2
send.2
sendfile.2
sendmsg.c
sendto.c
setcontext.c
setfib.2
setgroups.2
setpgid.2
setregid.2
setresuid.2
setreuid.2
setsid.2
setuid.2
shm_open.2
shm_open.c
shmat.2
shmctl.2
shmget.2
shutdown.2
sigaction.2
sigaction.c
sigaltstack.2
sigfastblock.2
sigpending.2
sigprocmask.2
sigprocmask.c
sigqueue.2
sigreturn.2
sigstack.2
sigsuspend.2
sigsuspend.c
sigtimedwait.c
sigwait.2
sigwait.c
sigwaitinfo.2
sigwaitinfo.c
socket.2
socketpair.2
stat.2
stat.c
statfs.2
statfs.c
swapcontext.c
swapon.2 Document new variant of swapoff(2) 2021-12-09 02:48:53 +02:00
Symbol.map swapoff: add one more variant of the syscall 2021-12-09 02:48:46 +02:00
symlink.2
sync.2
sysarch.2
syscall.2
thr_exit.2
thr_kill.2
thr_new.2
thr_self.2
thr_set_name.2
thr_suspend.2
thr_wake.2
timer_create.2
timer_delete.2
timer_settime.2
trivial-vdso_tc.c
truncate.2
umask.2
undelete.2
unlink.2
utimensat.2
utimes.2
utrace.2
uuidgen.2
vadvise.c
vfork.2
wait4.c
wait6.c
wait.2
write.2
write.c
writev.c