/* only super-user should call this sysctl */
td = req->td;
- if ((priv_check(td, PRIV_ROOT)) != 0)
+ if ((priv_check(td, PRIV_VM_RESIDENT)) != 0)
return EPERM;
error = count = 0;
/*
* exec_sys_register(entry)
*
- * Register ourselves for resident execution. Only root can do this. This
+ * Register ourselves for resident execution. Only root (i.e. a process with
+ * PRIV_VM_RESIDENT credentials) can do this. This
* will snapshot the vmspace and cause future exec's of the specified binary
* to use the snapshot directly rather then load & relocate a new copy.
*/
int error;
p = curproc;
- if ((error = priv_check_cred(p->p_ucred, PRIV_ROOT, 0)) != 0)
+ if ((error = priv_check_cred(p->p_ucred, PRIV_VM_RESIDENT, 0)) != 0)
return(error);
if ((vp = p->p_textvp) == NULL)
return(ENOENT);
int count;
p = curproc;
- if ((error = priv_check_cred(p->p_ucred, PRIV_ROOT, 0)) != 0)
+ if ((error = priv_check_cred(p->p_ucred, PRIV_VM_RESIDENT, 0)) != 0)
return(error);
/*
#define PRIV_VM_MADV_PROTECT 360 /* Can set MADV_PROTECT. */
#define PRIV_VM_MLOCK 361 /* Can mlock(), mlockall(). */
#define PRIV_VM_MUNLOCK 362 /* Can munlock(), munlockall(). */
+#define PRIV_VM_RESIDENT 363 /* Can use resident(8) */
/*
* Device file system privileges.
projects / dragonfly.git / commitdiff