From 0e8b65e41ffd6d3c08af4c826bc62dc2a6a8f9e2 Mon Sep 17 00:00:00 2001 From: Rick Yiu Date: Mon, 7 Oct 2024 06:38:08 +0000 Subject: [PATCH] ANDROID: sched: Make uclamp changes depend on CAP_SYS_NICE There is currently nothing preventing tasks from changing their per-task clamp values in anyway that they like. The rationale is probably that system administrators are still able to limit those clamps thanks to the cgroup interface. However, this causes pain in a system where both per-task and per-cgroup clamp values are expected to be under the control of core system components (as is the case for Android). To fix this, let's require CAP_SYS_NICE to change per-task clamp values. There are ongoing discussions upstream about more flexible approaches than this using the RLIMIT API -- see [1]. But the upstream discussion has not converged yet, and this is way too late for UAPI changes in android12-5.10 anyway, so let's apply this change which provides the behaviour we want without actually impacting UAPIs. [1] https://lore.kernel.org/lkml/20210623123441.592348-4-qperret@google.com/ Bug: 187186685 Signed-off-by: Quentin Perret Signed-off-by: Rick Yiu Change-Id: I749312a77306460318ac5374cf243d00b78120dd --- kernel/sched/core.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index a636832a472a..874011e555fc 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -7663,6 +7663,12 @@ static int user_check_sched_setscheduler(struct task_struct *p, if (p->sched_reset_on_fork && !reset_on_fork) goto req_priv; + if (!capable(CAP_SYS_NICE)) { + /* Can't change util-clamps */ + if (attr->sched_flags & SCHED_FLAG_UTIL_CLAMP) + return -EPERM; + } + return 0; req_priv: