memcg: add permission check

Use the 'allow_attach' handler for the 'mem' cgroup to allow a
non-root process to add arbitrary processes to a 'mem' cgroup
if the non-root process has the CAP_SYS_NICE capability set.

Bug: 18260435
Change-Id: If7d37bf90c1544024c4db53351adba6a64966250
Signed-off-by: Rom Lemarchand <romlem@android.com>
Rom Lemarchand 2014-11-07 09:42:40 -08:00 committed by John Stultz
parent 6809864a2c
commit e6f5c0c0ec


@ -4878,6 +4878,12 @@ static int mem_cgroup_can_attach(struct cgroup_taskset *tset)
return ret;
}
static int mem_cgroup_allow_attach(struct cgroup_subsys_state *css,
struct cgroup_taskset *tset)
{
return subsys_cgroup_allow_attach(css->cgroup, tset);
}
static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset)
{
if (mc.to)
@ -5039,6 +5045,11 @@ static int mem_cgroup_can_attach(struct cgroup_taskset *tset)
{
return 0;
}
static int mem_cgroup_allow_attach(struct cgroup_subsys_state *css,
struct cgroup_taskset *tset)
{
return 0;
}
static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset)
{
}
@ -5222,6 +5233,7 @@ struct cgroup_subsys memory_cgrp_subsys = {
.can_attach = mem_cgroup_can_attach,
.cancel_attach = mem_cgroup_cancel_attach,
.attach = mem_cgroup_move_task,
.allow_attach = mem_cgroup_allow_attach,
.bind = mem_cgroup_bind,
.dfl_cftypes = memory_files,
.legacy_cftypes = mem_cgroup_legacy_files,
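Review bot: The second `mem_cgroup_allow_attach` (the stub added at -5039, beside the `mem_cgroup_can_attach` that only returns 0) returns 0 unconditionally, while the first variant delegates to `subsys_cgroup_allow_attach(css->cgroup, tset)`. If 0 means "attach permitted" to the cgroup core, which the page does not show but the neighbouring stubs suggest, then a kernel built with the stub variant performs no CAP_SYS_NICE or ownership check at all for the memory controller, and a non-root caller could move arbitrary processes into a mem cgroup. Unless that is intended, the stub should make the same call, `return subsys_cgroup_allow_attach(css->cgroup, tset);`, so that both build configurations enforce the same policy. It would also help to put a short comment above the first definition stating that attach by non-root callers is gated on CAP_SYS_NICE, since that capability is not obviously tied to memory accounting. The preprocessor condition that selects between the two variants is outside the visible hunks.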