On Wed, Oct 17, 2018 at 04:47:38PM -0600, [email protected] wrote: > Access to timerslack_ns is controlled by a process having CAP_SYS_NICE > in its effective capability set, but the current check looks in the root > namespace instead of the process' user namespace. Since a process is > allowed to do other activities controlled by CAP_SYS_NICE inside a > namespace, it should also be able to adjust timerslack_ns. > > Signed-off-by: Benjamin Gordon <[email protected]> > Cc: John Stultz <[email protected]> > Cc: Kees Cook <[email protected]> > Cc: "Serge E. Hallyn" <[email protected]> > Cc: Thomas Gleixner <[email protected]> > Cc: Arjan van de Ven <[email protected]> > Cc: Oren Laadan <[email protected]> > Cc: Ruchi Kandoi <[email protected]> > Cc: Rom Lemarchand <[email protected]> > Cc: Todd Kjos <[email protected]> > Cc: Colin Cross <[email protected]> > Cc: Nick Kralevich <[email protected]> > Cc: Dmitry Shmidt <[email protected]> > Cc: Elliott Hughes <[email protected]> > Cc: Android Kernel Team <[email protected]> > Cc: Andrew Morton <[email protected]> > --- > fs/proc/base.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/fs/proc/base.c b/fs/proc/base.c > index 7e9f07bf260d..4b50937dff80 100644 > --- a/fs/proc/base.c > +++ b/fs/proc/base.c > @@ -2356,7 +2356,7 @@ static ssize_t timerslack_ns_write(struct file *file, > const char __user *buf, > return -ESRCH; > > if (p != current) { > - if (!capable(CAP_SYS_NICE)) { > + if (!ns_capable(file->f_cred->user_ns, CAP_SYS_NICE)) { > count = -EPERM; > goto out; > } > @@ -2393,7 +2393,7 @@ static int timerslack_ns_show(struct seq_file *m, void > *v) > > if (p != current) { > > - if (!capable(CAP_SYS_NICE)) { > + if (!ns_capable(seq_user_ns(m), CAP_SYS_NICE)) { > err = -EPERM; > goto out; > } > -- > 2.19.1.331.ge82ca0e54c-goog >
Friendly ping. Does anybody have time to take a look at this? Thanks, Benjamin
