mirror of
https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
synced 2024-09-21 20:04:01 +00:00
Merge "memcg: Allow non-root users permission to control memory"
This commit is contained in:
Linux Build Service Account
Gerrit - the friendly Code Review server
commit
348e3a3df5
1 changed files with 18 additions and 0 deletions
|
|
@ -6941,6 +6941,23 @@ static void mem_cgroup_move_task(struct cgroup *cont,
|
|||
}
|
||||
#endif
|
||||
|
||||
static int mem_cgroup_allow_attach(struct cgroup *cgrp,
|
||||
struct cgroup_taskset *tset)
|
||||
{
|
||||
const struct cred *cred = current_cred(), *tcred;
|
||||
struct task_struct *task;
|
||||
|
||||
cgroup_taskset_for_each(task, cgrp, tset) {
|
||||
tcred = __task_cred(task);
|
||||
|
||||
if ((current != task) && !capable(CAP_SYS_ADMIN) &&
|
||||
cred->euid != tcred->uid && cred->euid != tcred->suid)
|
||||
return -EACCES;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Cgroup retains root cgroups across [un]mount cycles making it necessary
|
||||
* to verify sane_behavior flag on each mount attempt.
|
||||
|
|
@ -6966,6 +6983,7 @@ struct cgroup_subsys mem_cgroup_subsys = {
|
|||
.can_attach = mem_cgroup_can_attach,
|
||||
.cancel_attach = mem_cgroup_cancel_attach,
|
||||
.attach = mem_cgroup_move_task,
|
||||
.allow_attach = mem_cgroup_allow_attach,
|
||||
.bind = mem_cgroup_bind,
|
||||
.base_cftypes = mem_cgroup_files,
|
||||
.early_init = 0,
|
||||
|
|
|
|||
Loading…
Reference in a new issue