From: Dmitry Torokhov <dtor@chromium.org>
Date: Thu, 6 Oct 2016 23:14:16 +0000 (-0700)
Subject: CHROMIUM: cgroups: relax permissions on moving tasks between cgroups
X-Git-Tag: firefly_0821_release~176^2~111
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=e129860f82d8484528e51619cc0d55434cbd14bd;p=firefly-linux-kernel-4.4.55.git

CHROMIUM: cgroups: relax permissions on moving tasks between cgroups

Android expects system_server to be able to move tasks between different
cgroups/cpusets, but does not want to be running as root. Let's relax
permission check so that processes can move other tasks if they have
CAP_SYS_NICE in the affected task's user namespace.

BUG=b:31790445,chromium:647994
TEST=Boot android container, examine logcat

Change-Id: Ia919c66ab6ed6a6daf7c4cf67feb38b13b1ad09b
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/394927
Reviewed-by: Ricky Zhou <rickyz@chromium.org>
---

diff --git a/kernel/cgroup.c b/kernel/cgroup.c
index fec27295a1ec..fcb037068e3f 100644
--- a/kernel/cgroup.c
+++ b/kernel/cgroup.c
@@ -2685,7 +2685,8 @@ static int cgroup_procs_write_permission(struct task_struct *task,
 	 */
 	if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
 	    !uid_eq(cred->euid, tcred->uid) &&
-	    !uid_eq(cred->euid, tcred->suid))
+	    !uid_eq(cred->euid, tcred->suid) &&
+	    !ns_capable(tcred->user_ns, CAP_SYS_NICE))
 		ret = -EACCES;
 
 	if (!ret && cgroup_on_dfl(dst_cgrp)) {