mirros/rockchip-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cgroup: Change from CAP_SYS_NICE to CAP_SYS_RESOURCE for cgroup migration permissions

Browse Source 
Try to better match what we're pushing upstream, use CAP_SYS_RESOURCE
instead of CAP_SYS_NICE, which shoudln't affect Android as Zygote and
system_server already use CAP_SYS_RESOURCE.

Change-Id: I2f8f6715788bc03725696ef8e58429ce0cc330b3
Signed-off-by: John Stultz <john.stultz@linaro.org>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Signed-off-by: Huang, Tao <huangtao@rock-chips.com>
This commit is contained in:
John Stultz
2016-10-18 16:20:23 -07:00
committed by Huang, Tao
parent 04c9bdffb1
commit 3bdd456479
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
kernel/cgroup.c
View File

@@ -2137,7 +2137,7 @@ retry_find_task:
if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
!uid_eq(cred->euid, tcred->uid) &&
!uid_eq(cred->euid, tcred->suid) &&
!ns_capable(tcred->user_ns, CAP_SYS_NICE)) {
!ns_capable(tcred->user_ns, CAP_SYS_RESOURCE)) {
rcu_read_unlock();
ret = -EACCES;
goto out_unlock_cgroup;