From: Ruchi Kandoi <kandoiruchi@google.com>
Date: Sat, 14 Jun 2014 00:03:01 +0000 (-0700)
Subject: prctl: adds the capable(CAP_SYS_NICE) check to PR_SET_TIMERSLACK_PID.
X-Git-Tag: firefly_0821_release~4090^2~312
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=8ae872f1d59990a1f33a7e5aae6b5bcbedc5806f;p=firefly-linux-kernel-4.4.55.git

prctl: adds the capable(CAP_SYS_NICE) check to PR_SET_TIMERSLACK_PID.

Adds a capable() check to make sure that arbitary apps do not change the
timer slack for other apps.

Bug: 15000427
Change-Id: I558a2551a0e3579c7f7e7aae54b28aa9d982b209
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
---

diff --git a/kernel/sys.c b/kernel/sys.c
index 875529e936ab..ab7fda5fbe18 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -2378,6 +2378,9 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
 				return -EINVAL;
 			break;
 		case PR_SET_TIMERSLACK_PID:
+			if (current->pid != (pid_t)arg3 &&
+					!capable(CAP_SYS_NICE))
+				return -EPERM;
 			rcu_read_lock();
 			tsk = find_task_by_pid_ns((pid_t)arg3, &init_pid_ns);
 			if (tsk == NULL) {