From 24d819e6779cf7765ce55eee9cf6f0a8fcea4e30 Mon Sep 17 00:00:00 2001
From: Jerry Jelinek <jerry.jelinek@joyent.com>
Date: Sat, 27 Jul 2013 18:17:16 -0700
Subject: [PATCH] 3923 Users should be able to lower nice value of processes
 within a zone 3924 privileges.5 man page missing PRIV_SYS_RES_BIND Reviewed
 by: Robert Mustacchi <rm@joyent.com> Approved by: Gordon Ross
 <gwr@nexenta.com>

---
 usr/src/man/man5/privileges.5   | 28 +++++++++++++++++++++++++---
 usr/src/uts/common/disp/fss.c   |  5 +++--
 usr/src/uts/common/disp/fx.c    |  5 +++--
 usr/src/uts/common/disp/rt.c    |  5 ++---
 usr/src/uts/common/disp/ts.c    |  7 ++++---
 usr/src/uts/common/os/policy.c  | 14 +++++++++++++-
 usr/src/uts/common/os/priv_defs |  7 ++++++-
 usr/src/uts/common/sys/policy.h |  2 ++
 8 files changed, 58 insertions(+), 15 deletions(-)

diff --git a/usr/src/man/man5/privileges.5 b/usr/src/man/man5/privileges.5
index be969c17a8..6cbf5277fb 100644
--- a/usr/src/man/man5/privileges.5
+++ b/usr/src/man/man5/privileges.5
@@ -1,5 +1,6 @@
 '\" te
 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
+.\" Copyright 2013, Joyent, Inc. All Rights Reserved.
 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
 .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with
 .\" the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
@@ -489,13 +490,23 @@ arbitrary processes to CPUs.
 .sp
 .ne 2
 .na
+\fB\fBPRIV_PROC_PRIOUP\fR\fR
+.ad
+.sp .6
+.RS 4n
+Allow a process to elevate its priority above its current level.
+.RE
+
+.sp
+.ne 2
+.na
 \fB\fBPRIV_PROC_PRIOCNTL\fR\fR
 .ad
 .sp .6
 .RS 4n
-Allow a process to elevate its priority above its current level. Allow a
-process to change its scheduling class to any scheduling class, including the
-RT class.
+Allows all that PRIV_PROC_PRIOUP allows.
+Allow a process to change its scheduling class to any scheduling class,
+including the RT class.
 .RE
 
 .sp
@@ -698,10 +709,21 @@ This privilege is granted by default to exclusive IP stack instance zones.
 .sp
 .ne 2
 .na
+\fB\fBPRIV_SYS_RES_BIND\fR\fR
+.ad
+.sp .6
+.RS 4n
+Allows a process to bind processes to processor sets.
+.RE
+
+.sp
+.ne 2
+.na
 \fB\fBPRIV_SYS_RES_CONFIG\fR\fR
 .ad
 .sp .6
 .RS 4n
+Allows all that PRIV_SYS_RES_BIND allows.
 Allow a process to create and delete processor sets, assign CPUs to processor
 sets and override the \fBPSET_NOESCAPE\fR property. Allow a process to change
 the operational status of CPUs in the system using \fBp_online\fR(2). Allow a
diff --git a/usr/src/uts/common/disp/fss.c b/usr/src/uts/common/disp/fss.c
index 62301d65d8..b7f992c300 100644
--- a/usr/src/uts/common/disp/fss.c
+++ b/usr/src/uts/common/disp/fss.c
@@ -21,6 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -1708,7 +1709,7 @@ fss_parmsset(kthread_t *t, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 	if ((reqpcredp != NULL) &&
 	    (reqfssuprilim > fssproc->fss_uprilim) &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	/*
@@ -2355,7 +2356,7 @@ fss_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 		return (0);
 	}
 
-	if ((incr < 0 || incr > 2 * NZERO) && secpolicy_setpriority(cr) != 0)
+	if ((incr < 0 || incr > 2 * NZERO) && secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/disp/fx.c b/usr/src/uts/common/disp/fx.c
index 7e3607526b..ab5ba278a0 100644
--- a/usr/src/uts/common/disp/fx.c
+++ b/usr/src/uts/common/disp/fx.c
@@ -21,6 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -1046,7 +1047,7 @@ fx_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	if ((reqpcredp != NULL) &&
 	    (reqfxuprilim > fxpp->fx_uprilim ||
 	    ((fxkparmsp->fx_cflags & FX_DOTQ) != 0)) &&
-	    secpolicy_setpriority(reqpcredp) != 0) {
+	    secpolicy_raisepriority(reqpcredp) != 0) {
 		thread_unlock(tx);
 		return (EPERM);
 	}
@@ -1498,7 +1499,7 @@ fx_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 	}
 
 	if ((incr < 0 || incr > 2 * NZERO) &&
-	    secpolicy_setpriority(cr) != 0)
+	    secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/disp/rt.c b/usr/src/uts/common/disp/rt.c
index 43b42d5298..f87f8c56ce 100644
--- a/usr/src/uts/common/disp/rt.c
+++ b/usr/src/uts/common/disp/rt.c
@@ -22,13 +22,12 @@
 /*
  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright 2013 Joyent, Inc.  All rights reserved.
  */
 
 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
 /*	  All Rights Reserved  	*/
 
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
-
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/sysmacros.h>
@@ -870,7 +869,7 @@ rt_parmsset(kthread_t *tx, void *prmsp, id_t reqpcid, cred_t *reqpcredp)
 	 * we check it here.
 	 */
 	if (reqpcredp != NULL && reqpcid != rt_cid &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	thread_lock(tx);
diff --git a/usr/src/uts/common/disp/ts.c b/usr/src/uts/common/disp/ts.c
index 05605be7f0..b499244de5 100644
--- a/usr/src/uts/common/disp/ts.c
+++ b/usr/src/uts/common/disp/ts.c
@@ -21,6 +21,7 @@
 
 /*
  * Copyright (c) 1994, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 /*	Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T	*/
@@ -1197,7 +1198,7 @@ ts_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 	if (reqpcredp != NULL &&
 	    reqtsuprilim > tspp->ts_uprilim &&
-	    secpolicy_setpriority(reqpcredp) != 0)
+	    secpolicy_raisepriority(reqpcredp) != 0)
 		return (EPERM);
 
 	/*
@@ -1250,7 +1251,7 @@ ia_parmsset(kthread_t *tx, void *parmsp, id_t reqpcid, cred_t *reqpcredp)
 	 */
 
 	if (reqpcredp != NULL && !groupmember(IA_gid, reqpcredp) &&
-	    secpolicy_setpriority(reqpcredp) != 0) {
+	    secpolicy_raisepriority(reqpcredp) != 0) {
 		/*
 		 * Silently fail in case this is just a priocntl
 		 * call with upri and uprilim set to IA_NOCHANGE.
@@ -2097,7 +2098,7 @@ ts_donice(kthread_t *t, cred_t *cr, int incr, int *retvalp)
 	}
 
 	if ((incr < 0 || incr > 2 * NZERO) &&
-	    secpolicy_setpriority(cr) != 0)
+	    secpolicy_raisepriority(cr) != 0)
 		return (EPERM);
 
 	/*
diff --git a/usr/src/uts/common/os/policy.c b/usr/src/uts/common/os/policy.c
index 573ebbc367..05deaaf43b 100644
--- a/usr/src/uts/common/os/policy.c
+++ b/usr/src/uts/common/os/policy.c
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #include <sys/types.h>
@@ -553,7 +554,18 @@ priv_policy_global(const cred_t *cr)
 }
 
 /*
- * Changing process priority
+ * Raising process priority
+ */
+int
+secpolicy_raisepriority(const cred_t *cr)
+{
+	if (PRIV_POLICY(cr, PRIV_PROC_PRIOUP, B_FALSE, EPERM, NULL) == 0)
+		return (0);
+	return (secpolicy_setpriority(cr));
+}
+
+/*
+ * Changing process priority or scheduling class
  */
 int
 secpolicy_setpriority(const cred_t *cr)
diff --git a/usr/src/uts/common/os/priv_defs b/usr/src/uts/common/os/priv_defs
index a5a918b326..bfacce1739 100644
--- a/usr/src/uts/common/os/priv_defs
+++ b/usr/src/uts/common/os/priv_defs
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  *
 INSERT COMMENT
  */
@@ -303,9 +304,13 @@ privilege PRIV_PROC_OWNER
 	effective uid is 0.
 	Allows a process to bind arbitrary processes to CPUs.
 
-privilege PRIV_PROC_PRIOCNTL
+privilege PRIV_PROC_PRIOUP
 
 	Allows a process to elevate its priority above its current level.
+
+privilege PRIV_PROC_PRIOCNTL
+
+	Allows all that PRIV_PROC_PRIOUP allows.
 	Allows a process to change its scheduling class to any scheduling class,
 	including the RT class.
 
diff --git a/usr/src/uts/common/sys/policy.h b/usr/src/uts/common/sys/policy.h
index bcd5ba2b4c..276c4d386e 100644
--- a/usr/src/uts/common/sys/policy.h
+++ b/usr/src/uts/common/sys/policy.h
@@ -20,6 +20,7 @@
  */
 /*
  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2013, Joyent, Inc. All rights reserved.
  */
 
 #ifndef	_SYS_POLICY_H
@@ -136,6 +137,7 @@ int secpolicy_resource(const cred_t *);
 int secpolicy_resource_anon_mem(const cred_t *);
 int secpolicy_rpcmod_open(const cred_t *);
 int secpolicy_rsm_access(const cred_t *, uid_t, mode_t);
+int secpolicy_raisepriority(const cred_t *);
 int secpolicy_setpriority(const cred_t *);
 int secpolicy_settime(const cred_t *);
 int secpolicy_smb(const cred_t *);
-- 
2.11.4.GIT