History log of /freebsd/share/man/man4/mac_priority.4 (Results 1 – 4 of 4)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
Revision tags: release/14.0.0
# ba719a0f 25-Sep-2023 Tom Hukins <tom@FreeBSD.org>

Fix "version introduced" in numerous manual pages

MFC after: 1 week
Pull request: https://github.com/freebsd/freebsd-src/pull/853
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0
# e28767f0 14-Dec-2021 Florian Walpen <dev@submerge.ch>

Thread creation privilege for realtime group

With the mac_priority(4) realtime policy active, users and processes in
the realtime group may promote existing threads and processes to
realtime schedul

Thread creation privilege for realtime group

With the mac_priority(4) realtime policy active, users and processes in
the realtime group may promote existing threads and processes to
realtime scheduling priority. Extend the privileges granted to
PRIV_SCHED_SETPOLICY which allows explicit creation of new realtime
threads.

One use case of this is when the pthread scheduling policy is set to
SCHED_RR or SCHED_FIFO via pthread_attr_setschedpolicy(...) before
calling pthread_create(...). I ran into this when testing audio software
with realtime threads, particularly audio/ardour6.

MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33393

show more ...


# a9545eed 10-Dec-2021 Florian Walpen <dev@submerge.ch>

Add idle priority scheduling privilege group to MAC/priority

Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC pol

Add idle priority scheduling privilege group to MAC/priority

Add an idletime user group that allows non-root users to run processes
with idle scheduling priority. Privileges are granted by a MAC policy in
the mac_priority module. For this purpose, the kernel privilege
PRIV_SCHED_IDPRIO was added to sys/priv.h (kernel module ABI change).

Deprecate the system wide sysctl(8) knob
security.bsd.unprivileged_idprio which lets any user run idle priority
processes, regardless of context. While the knob is still working, it is
marked as deprecated in the description and in the man pages.

MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D33338

show more ...


# bf2fa8d9 04-Dec-2021 Florian Walpen <dev@submerge.ch>

MAC/priority module for realtime privilege group

This is a MAC policy module that grants scheduling privileges based on
group membership. Users or processes in the group realtime (gid 47) are
allow

MAC/priority module for realtime privilege group

This is a MAC policy module that grants scheduling privileges based on
group membership. Users or processes in the group realtime (gid 47) are
allowed to run threads and processes with realtime scheduling priority.
For timing-sensitive, low-latency software like audio/jack, running with
realtime priority helps to avoid stutter and gaps.

PR: 239125
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D33191

show more ...