OS-2295 Users should be able to lower nice value of processes within a zone.

OS-2367 privileges.5 man page missing PRIV_SYS_RES_BIND

9 files changed, 59 insertions, 19 deletions

diff --git a/usr/src/lib/brand/sngl/zone/config.xml b/usr/src/lib/brand/sngl/zone/config.xml
index 86e58b6f8b..421400e82a 100644
--- a/usr/src/lib/brand/sngl/zone/config.xml
+++ b/usr/src/lib/brand/sngl/zone/config.xml
@@ -80,6 +80,7 @@
 	<privilege set="default" name="proc_audit" />
 	<privilege set="default" name="proc_lock_memory" />
 	<privilege set="default" name="proc_owner" />
+	<privilege set="default" name="proc_prioup" />
 	<privilege set="default" name="proc_setid" />
 	<privilege set="default" name="proc_taskid" />
 	<privilege set="default" name="sys_acct" />
diff --git a/usr/src/man/man5/privileges.5 b/usr/src/man/man5/privileges.5
index 138cd908b2..7fc9c00f45 100644
--- a/usr/src/man/man5/privileges.5
+++ b/usr/src/man/man5/privileges.5
@@ -1,6 +1,6 @@
 '\" te
 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
-.\" Copyright 2012, Joyent, Inc. All Rights Reserved.
+.\" Copyright 2013, Joyent, Inc. All Rights Reserved.
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
 .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
@@ -500,13 +500,23 @@ arbitrary processes to CPUs.
 .sp
 .ne 2
 .na
+\fB\fBPRIV_PROC_PRIOUP\fR\fR
+.ad
+.sp .6
+.RS 4n
+Allow a process to elevate its priority above its current level.
+.RE
+
+.sp
+.ne 2
+.na
 \fB\fBPRIV_PROC_PRIOCNTL\fR\fR
 .ad
 .sp .6
 .RS 4n
-Allow a process to elevate its priority above its current level. Allow a
-process to change its scheduling class to any scheduling class, including the
-RT class.
+Allows all that PRIV_PROC_PRIOUP allows.
+Allow a process to change its scheduling class to any scheduling class,
+including the RT class.
 .RE
 
 .sp
@@ -709,10 +719,21 @@ This privilege is granted by default to exclusive IP stack instance zones.
 .sp
 .ne 2
 .na
+\fB\fBPRIV_SYS_RES_BIND\fR\fR
+.ad
+.sp .6
+.RS 4n
+Allows a process to bind processes to processor sets.
+.RE
+
+.sp
+.ne 2
+.na
 \fB\fBPRIV_SYS_RES_CONFIG\fR\fR
 .ad
 .sp .6
 .RS 4n
+Allows all that PRIV_SYS_RES_BIND allows.
 Allow a process to create and delete processor sets, assign CPUs to processor
 sets and override the \fBPSET_NOESCAPE\fR property. Allow a process to change
 the operational status of CPUs in the system using \fBp_online\fR(2). Allow a
diff --git a/usr/src/uts/common/disp/fss.c b/usr/src/uts/common/disp/fss.c
index c1c7da06ec..250df0bec7 100644
--- a/usr/src/uts/common/disp/fss.c
+++ b/usr/src/uts/common/disp/fss.c
@@ -21,7 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright (c) 2012, Joyent, Inc. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -2020,7 +2020,7 @@ fss_parmsset(kthread_t *t, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 	if ((reqpcredp != NULL) &&
 	    (reqfssuprilim > fssproc->fss_uprilim) &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	/*
@@ -2668,7 +2668,7 @@ fss_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 		return (0);
 	}
 
-	if ((incr < 0 || incr > 2 * NZERO) && secpolicy_setpriority(cr) != 0)
+	if ((incr < 0 || incr > 2 * NZERO) && secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/disp/fx.c b/usr/src/uts/common/disp/fx.c
index 7e3607526b..ab5ba278a0 100644
--- a/usr/src/uts/common/disp/fx.c
+++ b/usr/src/uts/common/disp/fx.c
@@ -21,6 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -1046,7 +1047,7 @@ fx_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	if ((reqpcredp != NULL) &&
 	    (reqfxuprilim > fxpp->fx_uprilim ||
 	    ((fxkparmsp->fx_cflags & FX_DOTQ) != 0)) &&
-	    secpolicy_setpriority(reqpcredp) != 0) {
+	    secpolicy_raisepriority(reqpcredp) != 0) {
 		thread_unlock(tx);
 		return (EPERM);
 	}
@@ -1498,7 +1499,7 @@ fx_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 	}
 
 	if ((incr < 0 || incr > 2 * NZERO) &&
-	    secpolicy_setpriority(cr) != 0)
+	    secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/disp/rt.c b/usr/src/uts/common/disp/rt.c
index 43b42d5298..f87f8c56ce 100644
--- a/usr/src/uts/common/disp/rt.c
+++ b/usr/src/uts/common/disp/rt.c
@@ -22,13 +22,12 @@
 /*
  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2013 Joyent, Inc.  All rights reserved.
  */
 
 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
 /*	  All Rights Reserved  	*/
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/sysmacros.h>
@@ -870,7 +869,7 @@ rt_parmsset(kthread_t *tx, void *prmsp, id_t reqpcid, cred_t *reqpcredp)
 	 * we check it here.
 	 */
 	if (reqpcredp != NULL && reqpcid != rt_cid &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	thread_lock(tx);
diff --git a/usr/src/uts/common/disp/ts.c b/usr/src/uts/common/disp/ts.c
index 05605be7f0..b499244de5 100644
--- a/usr/src/uts/common/disp/ts.c
+++ b/usr/src/uts/common/disp/ts.c
@@ -21,6 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
@@ -1197,7 +1198,7 @@ ts_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 	if (reqpcredp != NULL &&
 	    reqtsuprilim > tspp->ts_uprilim &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	/*
@@ -1250,7 +1251,7 @@ ia_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 
 	if (reqpcredp != NULL && !groupmember(IA_gid, reqpcredp) &&
-	    secpolicy_setpriority(reqpcredp) != 0) {
+	    secpolicy_raisepriority(reqpcredp) != 0) {
 		/*
 		 * Silently fail in case this is just a priocntl
 		 * call with upri and uprilim set to IA_NOCHANGE.
@@ -2097,7 +2098,7 @@ ts_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 	}
 
 	if ((incr < 0 || incr > 2 * NZERO) &&
-	    secpolicy_setpriority(cr) != 0)
+	    secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/os/policy.c b/usr/src/uts/common/os/policy.c
index d8f7882723..40db66fb8d 100644
--- a/usr/src/uts/common/os/policy.c
+++ b/usr/src/uts/common/os/policy.c
@@ -20,7 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2012, Joyent, Inc. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -554,7 +554,18 @@ priv_policy_global(const cred_t *cr)
 }
 
 /*
- * Changing process priority
+ * Raising process priority
+ */
+int
+secpolicy_raisepriority(const cred_t *cr)
+{
+	if (PRIV_POLICY(cr, PRIV_PROC_PRIOUP, B_FALSE, EPERM, NULL) == 0)
+		return (0);
+	return (secpolicy_setpriority(cr));
+}
+
+/*
+ * Changing process priority or scheduling class
  */
 int
 secpolicy_setpriority(const cred_t *cr)
diff --git a/usr/src/uts/common/os/priv_defs b/usr/src/uts/common/os/priv_defs
index 53617bd0fe..f510050a01 100644
--- a/usr/src/uts/common/os/priv_defs
+++ b/usr/src/uts/common/os/priv_defs
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  *
 INSERT COMMENT
  */
@@ -307,9 +308,13 @@ privilege PRIV_PROC_OWNER
 	effective uid is 0.
 	Allows a process to bind arbitrary processes to CPUs.
 
-privilege PRIV_PROC_PRIOCNTL
+privilege PRIV_PROC_PRIOUP
 
 	Allows a process to elevate its priority above its current level.
+
+privilege PRIV_PROC_PRIOCNTL
+
+	Allows all that PRIV_PROC_PRIOUP allows.
 	Allows a process to change its scheduling class to any scheduling class,
 	including the RT class.
 
diff --git a/usr/src/uts/common/sys/policy.h b/usr/src/uts/common/sys/policy.h
index 819c788b9e..597c166b31 100644
--- a/usr/src/uts/common/sys/policy.h
+++ b/usr/src/uts/common/sys/policy.h
@@ -20,7 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
- * Copyright 2012, Joyent, Inc. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #ifndef	_SYS_POLICY_H
@@ -137,6 +137,7 @@ int secpolicy_resource(const cred_t *);
 int secpolicy_resource_anon_mem(const cred_t *);
 int secpolicy_rpcmod_open(const cred_t *);
 int secpolicy_rsm_access(const cred_t *, uid_t, mode_t);
+int secpolicy_raisepriority(const cred_t *);
 int secpolicy_setpriority(const cred_t *);
 int secpolicy_settime(const cred_t *);
 int secpolicy_smb(const cred_t *);