[PATCH] VM: add capabilites check to set_zone

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] VM: add capabilites check to set_zone_reclaim
@ 2005-07-27 22:14 Martin Hicks
  2005-07-27 23:33 ` Christoph Lameter
  0 siblings, 1 reply; 2+ messages in thread
From: Martin Hicks @ 2005-07-27 22:14 UTC (permalink / raw)
  To: Linux-MM

Hi Andrew,

Here's a patch to add a capability check to sys_set_zone_reclaim().
This syscall is not something that should be available to a user.

Against a recent .git tree.

mh

-- 
Martin Hicks   ||   Silicon Graphics Inc.   ||   mort@sgi.com


Add capabilities check on the set_zone_reclaim() syscall.

Signed-off-by:  Martin Hicks <mort@sgi.com>

---
commit 3297435cafea4822b23d74b051f046694b40beb8
tree 6b64393e98968719818b05b2562714c6f44db531
parent e17fbedb41baa72f5e24ee02f4f43f44e2d3114d
author Martin Hicks,,,,,,,engr <mort@tomahawk.engr.sgi.com> Wed, 27 Jul 2005 09:14:48 -0700
committer Martin Hicks,,,,,,,engr <mort@tomahawk.engr.sgi.com> Wed, 27 Jul 2005 09:14:48 -0700

 include/linux/capability.h |    1 +
 mm/vmscan.c                |    3 +++
 2 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/include/linux/capability.h b/include/linux/capability.h
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -233,6 +233,7 @@ typedef __u32 kernel_cap_t;
 /* Allow enabling/disabling tagged queuing on SCSI controllers and sending
    arbitrary SCSI commands */
 /* Allow setting encryption key on loopback filesystem */
+/* Allow setting zone reclaim policy */
 
 #define CAP_SYS_ADMIN        21
 
diff --git a/mm/vmscan.c b/mm/vmscan.c
--- a/mm/vmscan.c
+++ b/mm/vmscan.c
@@ -1376,6 +1376,9 @@ asmlinkage long sys_set_zone_reclaim(uns
 	struct zone *z;
 	int i;
 
+        if (!capable(CAP_SYS_ADMIN))
+                return -EACCES;
+
 	if (node >= MAX_NUMNODES || !node_online(node))
 		return -EINVAL;
 
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH] VM: add capabilites check to set_zone_reclaim
  2005-07-27 22:14 [PATCH] VM: add capabilites check to set_zone_reclaim Martin Hicks
@ 2005-07-27 23:33 ` Christoph Lameter
  0 siblings, 0 replies; 2+ messages in thread
From: Christoph Lameter @ 2005-07-27 23:33 UTC (permalink / raw)
  To: Martin Hicks; +Cc: Linux-MM

On Wed, 27 Jul 2005, Martin Hicks wrote:

>  	struct zone *z;
>  	int i;
>  
> +        if (!capable(CAP_SYS_ADMIN))
> +                return -EACCES;
> +
>  	if (node >= MAX_NUMNODES || !node_online(node))
>  		return -EINVAL;

Fix the whitespace issues.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2005-07-27 23:33 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-07-27 22:14 [PATCH] VM: add capabilites check to set_zone_reclaim Martin Hicks
2005-07-27 23:33 ` Christoph Lameter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox