From: Parth Shah <parth@linux.ibm.com>
To: linux-kernel@vger.kernel.org
Cc: peterz@infradead.org, mingo@redhat.com,
vincent.guittot@linaro.org, dietmar.eggemann@arm.com,
qais.yousef@arm.com, chris.hyser@oracle.com,
pkondeti@codeaurora.org, patrick.bellasi@matbug.net,
valentin.schneider@arm.com, David.Laight@ACULAB.COM,
pjt@google.com, pavel@ucw.cz, tj@kernel.org,
dhaval.giani@oracle.com, qperret@google.com,
tim.c.chen@linux.intel.com
Subject: [PATCH v5 4/4] sched/core: Add permission checks for setting the latency_nice value
Date: Fri, 28 Feb 2020 14:37:55 +0530 [thread overview]
Message-ID: <20200228090755.22829-5-parth@linux.ibm.com> (raw)
In-Reply-To: <20200228090755.22829-1-parth@linux.ibm.com>
Since the latency_nice uses the similar infrastructure as NICE, use the
already existing CAP_SYS_NICE security checks for the latency_nice. This
should return -EPERM for the non-root user when trying to set the task
latency_nice value to any lower than the current value.
Signed-off-by: Parth Shah <parth@linux.ibm.com>
Reviewed-by: Chris Hyser <chris.hyser@oracle.com>
---
kernel/sched/core.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index cd1fb9c8be26..564b3a2036d4 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -4875,6 +4875,10 @@ static int __sched_setscheduler(struct task_struct *p,
return -EINVAL;
if (attr->sched_latency_nice < MIN_LATENCY_NICE)
return -EINVAL;
+ /* Use the same security checks as NICE */
+ if (attr->sched_latency_nice < p->latency_nice &&
+ !capable(CAP_SYS_NICE))
+ return -EPERM;
}
if (pi)
--
2.17.2
next prev parent reply other threads:[~2020-02-28 9:08 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-28 9:07 [PATCH v5 0/4] Introduce per-task latency_nice for scheduler hints Parth Shah
2020-02-28 9:07 ` [PATCH v5 1/4] sched: Introduce latency-nice as a per-task attribute Parth Shah
2020-02-28 9:07 ` [PATCH v5 2/4] sched/core: Propagate parent task's latency requirements to the child task Parth Shah
2020-02-28 9:07 ` [PATCH v5 3/4] sched: Allow sched_{get,set}attr to change latency_nice of the task Parth Shah
2020-05-11 11:13 ` Dietmar Eggemann
2020-05-13 9:41 ` Parth Shah
2020-05-13 11:14 ` Parth Shah
2020-02-28 9:07 ` Parth Shah [this message]
2020-03-06 16:36 ` [PATCH v5 0/4] Introduce per-task latency_nice for scheduler hints chris hyser
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200228090755.22829-5-parth@linux.ibm.com \
--to=parth@linux.ibm.com \
--cc=David.Laight@ACULAB.COM \
--cc=chris.hyser@oracle.com \
--cc=dhaval.giani@oracle.com \
--cc=dietmar.eggemann@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=patrick.bellasi@matbug.net \
--cc=pavel@ucw.cz \
--cc=peterz@infradead.org \
--cc=pjt@google.com \
--cc=pkondeti@codeaurora.org \
--cc=qais.yousef@arm.com \
--cc=qperret@google.com \
--cc=tim.c.chen@linux.intel.com \
--cc=tj@kernel.org \
--cc=valentin.schneider@arm.com \
--cc=vincent.guittot@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.