#include <kern/assert.h>
#include <sys/resource.h>
+#include <IOKit/IOBSD.h>
int donice(struct proc *curp, struct proc *chgp, int n);
int dosetrlimit(struct proc *p, u_int which, struct rlimit *limp);
integer_t role = 0;
- switch (priority) {
- case PRIO_DARWIN_ROLE_DEFAULT:
- role = TASK_UNSPECIFIED;
- break;
- case PRIO_DARWIN_ROLE_UI_FOCAL:
- role = TASK_FOREGROUND_APPLICATION;
- break;
- case PRIO_DARWIN_ROLE_UI:
- role = TASK_BACKGROUND_APPLICATION;
- break;
- case PRIO_DARWIN_ROLE_NON_UI:
- role = TASK_NONUI_APPLICATION;
- break;
- default:
- error = EINVAL;
- goto out;
- }
+ if ((error = proc_darwin_role_to_task_role(priority, &role)))
+ goto out;
proc_set_task_policy(proc_task(targetp), THREAD_NULL,
TASK_POLICY_ATTRIBUTE, TASK_POLICY_ROLE, role);
role = proc_get_task_policy(proc_task(targetp), THREAD_NULL,
TASK_POLICY_ATTRIBUTE, TASK_POLICY_ROLE);
- switch (role) {
- case TASK_FOREGROUND_APPLICATION:
- *priority = PRIO_DARWIN_ROLE_UI_FOCAL;
- break;
- case TASK_BACKGROUND_APPLICATION:
- *priority = PRIO_DARWIN_ROLE_UI;
- break;
- case TASK_NONUI_APPLICATION:
- *priority = PRIO_DARWIN_ROLE_NON_UI;
- break;
- case TASK_UNSPECIFIED:
- default:
- *priority = PRIO_DARWIN_ROLE_DEFAULT;
- break;
- }
+ *priority = proc_task_role_to_darwin_role(role);
out:
kauth_cred_unref(&target_cred);
switch(cmd) {
case IOPOL_CMD_SET:
if (0 == kauth_cred_issuser(kauth_cred_get())) {
- error = EPERM;
- goto out;
+ /* If it's a non-root process, it needs to have the entitlement to set the policy */
+ boolean_t entitled = FALSE;
+ entitled = IOTaskHasEntitlement(current_task(), "com.apple.private.iopol.case_sensitivity");
+ if (!entitled) {
+ error = EPERM;
+ goto out;
+ }
}
switch (policy) {
projects / apple / xnu.git / blobdiff