On Fri, 21 Oct 2005, Ray Bryant wrote:
> That code used to be there. Basically the check was that if you could
> legally send a signal to the process, you could migrate its memory.
> Go back and look and my patches for this.
>
> Why was this dropped, arbitrarily?
Sorry, it was separated out from the sys_migrate patch.
Here is the fix:
Index: linux-2.6.14-rc4-mm1/mm/mempolicy.c
===================================================================
--- linux-2.6.14-rc4-mm1.orig/mm/mempolicy.c 2005-10-20 14:45:45.000000000 -0700
+++ linux-2.6.14-rc4-mm1/mm/mempolicy.c 2005-10-21 09:32:19.000000000 -0700
@@ -784,12 +784,26 @@ asmlinkage long sys_migrate_pages(pid_t
if (!mm)
return -EINVAL;
+ /*
+ * Permissions check like for signals.
+ * See check_kill_permission()
+ */
+ if ((current->euid ^ task->suid) && (current->euid ^ task->uid) &&
+ (current->uid ^ task->suid) && (current->uid ^ task->uid) &&
+ !capable(CAP_SYS_ADMIN)) {
+ err = -EPERM;
+ goto out;
+ }
+
/* Is the user allowed to access the target nodes? */
- if (!nodes_subset(new, cpuset_mems_allowed(task)))
- return -EPERM;
+ if (!nodes_subset(new, cpuset_mems_allowed(task)) &&
+ !capable(CAP_SYS_ADMIN)) {
+ err= -EPERM;
+ goto out;
+ }
err = do_migrate_pages(mm, &old, &new, MPOL_MF_MOVE);
-
+out:
mmput(mm);
return err;
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
