shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-09 04:10:18 +09:00
Code Issues Packages Projects Releases Wiki Activity

memcg: add permission check

Browse Source 
Use the 'allow_attach' handler for the 'mem' cgroup to allow
non-root processes to add arbitrary processes to a 'mem' cgroup
if it has the CAP_SYS_NICE capability set.

Bug: 18260435
Change-Id: If7d37bf90c1544024c4db53351adba6a64966250
Signed-off-by: Rom Lemarchand <romlem@android.com>
This commit is contained in:
Rom Lemarchand
2014-11-07 09:42:40 -08:00
parent 57114e95e8
commit cce78bc02f
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
mm/memcontrol.c
View File

@@ -6753,6 +6753,12 @@ static int mem_cgroup_can_attach(struct cgroup *cgroup,
return ret;
}
static int mem_cgroup_allow_attach(struct cgroup *cgroup,
struct cgroup_taskset *tset)
{
return subsys_cgroup_allow_attach(cgroup, tset);
}
static void mem_cgroup_cancel_attach(struct cgroup *cgroup,
struct cgroup_taskset *tset)
{
@@ -6921,6 +6927,11 @@ static int mem_cgroup_can_attach(struct cgroup *cgroup,
{
return 0;
}
static int mem_cgroup_allow_attach(struct cgroup *cgroup,
struct cgroup_taskset *tset)
{
return 0;
}
static void mem_cgroup_cancel_attach(struct cgroup *cgroup,
struct cgroup_taskset *tset)
{
@@ -6956,6 +6967,7 @@ struct cgroup_subsys mem_cgroup_subsys = {
.can_attach = mem_cgroup_can_attach,
.cancel_attach = mem_cgroup_cancel_attach,
.attach = mem_cgroup_move_task,
.allow_attach = mem_cgroup_allow_attach,
.bind = mem_cgroup_bind,
.base_cftypes = mem_cgroup_files,
.early_init = 0,