From: Ray Bryant <raybry@sgi.com>
To: Hirokazu Takahashi <taka@valinux.co.jp>,
Dave Hansen <haveblue@us.ibm.com>,
Marcelo Tosatti <marcelo.tosatti@cyclades.com>,
Andi Kleen <ak@suse.de>
Cc: Christoph Hellwig <hch@infradead.org>,
linux-mm <linux-mm@kvack.org>, Nathan Scott <nathans@sgi.com>,
Ray Bryant <raybry@austin.rr.com>,
lhms-devel@lists.sourceforge.net, Ray Bryant <raybry@sgi.com>
Subject: [PATCH 2.6.12-rc3 8/8] mm: manual page migration-rc2 -- sys_migrate_pages-permissions-check-rc2.patch
Date: Tue, 10 May 2005 21:38:47 -0700 (PDT) [thread overview]
Message-ID: <20050511043847.10876.65016.55033@jackhammer.engr.sgi.com> (raw)
In-Reply-To: <20050511043756.10876.72079.60115@jackhammer.engr.sgi.com>
Add permissions checking to migrate_pages() system call. The basic
idea is that if the calling process could send an arbitary signal to a
process then you are allowed to migrate that process, or if the calling
process has capability CAP_SYS_ADMIN. The permissions check is based
on that in check_kill_permission() in kernel/signal.c.
Signed-off-by: Ray Bryant <raybry@sgi.com>
include/linux/capability.h | 2 ++
mm/mmigrate.c | 14 ++++++++++++++
2 files changed, 16 insertions(+)
Index: linux-2.6.12-rc3-mhp1-page-migration-export/include/linux/capability.h
===================================================================
--- linux-2.6.12-rc3-mhp1-page-migration-export.orig/include/linux/capability.h 2005-05-10 12:29:49.000000000 -0700
+++ linux-2.6.12-rc3-mhp1-page-migration-export/include/linux/capability.h 2005-05-10 12:31:16.000000000 -0700
@@ -233,6 +233,8 @@ typedef __u32 kernel_cap_t;
/* Allow enabling/disabling tagged queuing on SCSI controllers and sending
arbitrary SCSI commands */
/* Allow setting encryption key on loopback filesystem */
+/* Allow using the migrate_pages() system call to migrate a process's pages
+ from one set of NUMA nodes to another */
#define CAP_SYS_ADMIN 21
Index: linux-2.6.12-rc3-mhp1-page-migration-export/mm/mmigrate.c
===================================================================
--- linux-2.6.12-rc3-mhp1-page-migration-export.orig/mm/mmigrate.c 2005-05-10 12:29:49.000000000 -0700
+++ linux-2.6.12-rc3-mhp1-page-migration-export/mm/mmigrate.c 2005-05-10 12:54:26.000000000 -0700
@@ -15,6 +15,8 @@
#include <linux/module.h>
#include <linux/swap.h>
#include <linux/pagemap.h>
+#include <linux/sched.h>
+#include <linux/capability.h>
#include <linux/init.h>
#include <linux/highmem.h>
#include <linux/writeback.h>
@@ -775,6 +777,18 @@ sys_migrate_pages(const pid_t pid, const
task = find_task_by_pid(pid);
if (task) {
task_lock(task);
+ /*
+ * does this task have permission to migrate that task?
+ * (ala check_kill_permission() )
+ */
+ if ((current->euid ^ task->suid) && (current->euid ^ task->uid)
+ && (current->uid ^ task->suid) && (current->uid ^ task->uid)
+ && !capable(CAP_SYS_ADMIN)) {
+ ret = -EPERM;
+ task_unlock(task);
+ read_unlock(&tasklist_lock);
+ goto out;
+ }
mm = task->mm;
if (mm)
atomic_inc(&mm->mm_users);
--
Best Regards,
Ray
-----------------------------------------------
Ray Bryant raybry@sgi.com
The box said: "Requires Windows 98 or better",
so I installed Linux.
-----------------------------------------------
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"aart@kvack.org"> aart@kvack.org </a>
prev parent reply other threads:[~2005-05-11 4:38 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-11 4:37 [PATCH 2.6.12-rc3 0/8] mm: manual page migration-rc2 -- overview Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 1/8] mm: manual page migration-rc2 -- xfs-extended-attributes-rc2.patch Ray Bryant
2005-05-11 7:15 ` Christoph Hellwig
2005-05-11 12:10 ` [Lhms-devel] " Ray Bryant
2005-05-11 12:59 ` Andi Kleen
2005-05-11 18:43 ` Ray Bryant
2005-05-11 19:32 ` Andi Kleen
2005-05-11 20:00 ` Christoph Hellwig
2005-05-11 22:04 ` Ray Bryant
2005-05-12 10:45 ` Christoph Hellwig
2005-05-17 4:22 ` Ray Bryant
2005-05-18 6:20 ` Paul Jackson
2005-05-18 14:49 ` Ray Bryant
2005-05-20 22:26 ` Ray Bryant
2005-05-23 17:50 ` Steve Longerbeam
2005-05-24 4:53 ` Ray Bryant
2005-05-24 20:59 ` Christoph Lameter
2005-05-24 21:04 ` Martin J. Bligh
2005-05-25 6:42 ` Ray Bryant
2005-05-28 8:40 ` Christoph Hellwig
2005-05-28 16:12 ` Ray Bryant
2005-05-11 19:50 ` Christoph Hellwig
2005-05-11 21:30 ` Ray Bryant
2005-05-12 9:55 ` Christoph Hellwig
2005-05-12 15:47 ` Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 2/8] mm: manual page migration-rc2 -- xfs-migrate-page-rc2.patch Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 3/8] mm: manual page migration-rc2 -- add-node_map-arg-to-try_to_migrate_pages-rc2.patch Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 4/8] mm: manual page migration-rc2 -- add-sys_migrate_pages-rc2.patch Ray Bryant
2005-05-11 8:24 ` Christoph Hellwig
2005-05-18 19:07 ` Ray Bryant
2005-05-28 9:14 ` Christoph Hellwig
2005-05-28 15:53 ` Ray Bryant
2005-05-11 13:23 ` Hirokazu Takahashi
2005-05-11 13:26 ` Hirokazu Takahashi
2005-05-11 14:06 ` Ray Bryant
2005-05-12 6:41 ` Hirokazu Takahashi
2005-05-12 16:41 ` Ray Bryant
2005-05-12 23:50 ` Hirokazu Takahashi
2005-05-13 9:59 ` [Lhms-devel] " Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 5/8] mm: manual page migration-rc2 -- sys_migrate_pages-xattr-support-rc2.patch Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 6/8] mm: manual page migration-rc2 -- sys_migrate_pages-mempolicy-migration-rc2.patch Ray Bryant
2005-05-11 4:38 ` [PATCH 2.6.12-rc3 7/8] mm: manual page migration-rc2 -- sys_migrate_pages-cpuset-support-rc2.patch Ray Bryant
2005-05-11 12:37 ` Paul Jackson
2005-05-11 14:20 ` Ray Bryant
2005-05-11 18:55 ` [Lhms-devel] " Paul Jackson
2005-05-11 4:38 ` Ray Bryant [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050511043847.10876.65016.55033@jackhammer.engr.sgi.com \
--to=raybry@sgi.com \
--cc=ak@suse.de \
--cc=haveblue@us.ibm.com \
--cc=hch@infradead.org \
--cc=lhms-devel@lists.sourceforge.net \
--cc=linux-mm@kvack.org \
--cc=marcelo.tosatti@cyclades.com \
--cc=nathans@sgi.com \
--cc=raybry@austin.rr.com \
--cc=taka@valinux.co.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox