diff options
| author | Dmitry Torokhov <dtor@chromium.org> | 2016-10-06 15:53:38 -0700 |
|---|---|---|
| committer | Bruno Martins <bgcngm@gmail.com> | 2024-01-10 15:40:04 +0000 |
| commit | a3591a235c89dbc2e0bc03533fb538f6d2aa883b (patch) | |
| tree | 4ac4c45b2e5a48343c29b6b74371590adf9f3558 /include/linux | |
| parent | 5e0c41643bbb4d0290ac383f45fdaf684a907f74 (diff) | |
CHROMIUM: remove Android's cgroup generic permissions checks
The implementation is utterly broken, resulting in all processes being
allows to move tasks between sets (as long as they have access to the
"tasks" attribute), and upstream is heading towards checking only
capability anyway, so let's get rid of this code.
BUG=b:31790445,chromium:647994
TEST=Boot android container, examine logcat
Change-Id: I2f780a5992c34e52a8f2d0b3557fc9d490da2779
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/394967
Reviewed-by: Ricky Zhou <rickyz@chromium.org>
Reviewed-by: John Stultz <john.stultz@linaro.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/cgroup-defs.h | 2 | ||||
| -rw-r--r-- | include/linux/cgroup.h | 16 |
2 files changed, 0 insertions, 18 deletions
diff --git a/include/linux/cgroup-defs.h b/include/linux/cgroup-defs.h index d3036be98027..8a590cd40be0 100644 --- a/include/linux/cgroup-defs.h +++ b/include/linux/cgroup-defs.h @@ -452,8 +452,6 @@ struct cgroup_subsys { void (*css_free)(struct cgroup_subsys_state *css); void (*css_reset)(struct cgroup_subsys_state *css); - int (*allow_attach)(struct cgroup_subsys_state *css, - struct cgroup_taskset *tset); int (*can_attach)(struct cgroup_taskset *tset); void (*cancel_attach)(struct cgroup_taskset *tset); void (*attach)(struct cgroup_taskset *tset); diff --git a/include/linux/cgroup.h b/include/linux/cgroup.h index f3b356ee66d6..ca47b5d42764 100644 --- a/include/linux/cgroup.h +++ b/include/linux/cgroup.h @@ -640,17 +640,6 @@ static inline void cgroup_kthread_ready(void) current->no_cgroup_migration = 0; } -/* - * Default Android check for whether the current process is allowed to move a - * task across cgroups, either because CAP_SYS_NICE is set or because the uid - * of the calling process is the same as the moved task or because we are - * running as root. - * Returns 0 if this is allowed, or -EACCES otherwise. - */ -int subsys_cgroup_allow_attach(struct cgroup_subsys_state *css, - struct cgroup_taskset *tset); - - #else /* !CONFIG_CGROUPS */ struct cgroup_subsys_state; @@ -681,11 +670,6 @@ static inline bool task_under_cgroup_hierarchy(struct task_struct *task, static inline void cgroup_init_kthreadd(void) {} static inline void cgroup_kthread_ready(void) {} -static inline int subsys_cgroup_allow_attach(struct cgroup_subsys_state *css, - struct cgroup_taskset *tset) -{ - return 0; -} #endif /* !CONFIG_CGROUPS */ /* |