Loading mm/memcontrol.c +18 −0 Original line number Diff line number Diff line Loading @@ -6941,6 +6941,23 @@ static void mem_cgroup_move_task(struct cgroup *cont, } #endif static int mem_cgroup_allow_attach(struct cgroup *cgrp, struct cgroup_taskset *tset) { const struct cred *cred = current_cred(), *tcred; struct task_struct *task; cgroup_taskset_for_each(task, cgrp, tset) { tcred = __task_cred(task); if ((current != task) && !capable(CAP_SYS_ADMIN) && cred->euid != tcred->uid && cred->euid != tcred->suid) return -EACCES; } return 0; } /* * Cgroup retains root cgroups across [un]mount cycles making it necessary * to verify sane_behavior flag on each mount attempt. Loading @@ -6966,6 +6983,7 @@ struct cgroup_subsys mem_cgroup_subsys = { .can_attach = mem_cgroup_can_attach, .cancel_attach = mem_cgroup_cancel_attach, .attach = mem_cgroup_move_task, .allow_attach = mem_cgroup_allow_attach, .bind = mem_cgroup_bind, .base_cftypes = mem_cgroup_files, .early_init = 0, Loading Loading
mm/memcontrol.c +18 −0 Original line number Diff line number Diff line Loading @@ -6941,6 +6941,23 @@ static void mem_cgroup_move_task(struct cgroup *cont, } #endif static int mem_cgroup_allow_attach(struct cgroup *cgrp, struct cgroup_taskset *tset) { const struct cred *cred = current_cred(), *tcred; struct task_struct *task; cgroup_taskset_for_each(task, cgrp, tset) { tcred = __task_cred(task); if ((current != task) && !capable(CAP_SYS_ADMIN) && cred->euid != tcred->uid && cred->euid != tcred->suid) return -EACCES; } return 0; } /* * Cgroup retains root cgroups across [un]mount cycles making it necessary * to verify sane_behavior flag on each mount attempt. Loading @@ -6966,6 +6983,7 @@ struct cgroup_subsys mem_cgroup_subsys = { .can_attach = mem_cgroup_can_attach, .cancel_attach = mem_cgroup_cancel_attach, .attach = mem_cgroup_move_task, .allow_attach = mem_cgroup_allow_attach, .bind = mem_cgroup_bind, .base_cftypes = mem_cgroup_files, .early_init = 0, Loading
