mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/kernel/cgroup
History
Johannes Weiner 3eacee28b1 sched: psi: fix unprivileged polling against cgroups 
commit 8b39d20ece upstream.

519fabc7aa ("psi: remove 500ms min window size limitation for
triggers") breaks unprivileged psi polling on cgroups.

Historically, we had a privilege check for polling in the open() of a
pressure file in /proc, but were erroneously missing it for the open()
of cgroup pressure files.

When unprivileged polling was introduced in d82caa2735 ("sched/psi:
Allow unprivileged polling of N*2s period"), it needed to filter
privileges depending on the exact polling parameters, and as such
moved the CAP_SYS_RESOURCE check from the proc open() callback to
psi_trigger_create(). Both the proc files as well as cgroup files go
through this during write(). This implicitly added the missing check
for privileges required for HT polling for cgroups.

When 519fabc7aa ("psi: remove 500ms min window size limitation for
triggers") followed right after to remove further restrictions on the
RT polling window, it incorrectly assumed the cgroup privilege check
was still missing and added it to the cgroup open(), mirroring what we
used to do for proc files in the past.

As a result, unprivileged poll requests that would be supported now
get rejected when opening the cgroup pressure file for writing.

Remove the cgroup open() check. psi_trigger_create() handles it.

Fixes: 519fabc7aa ("psi: remove 500ms min window size limitation for triggers")
Reported-by: Luca Boccassi <bluca@debian.org>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Acked-by: Luca Boccassi <bluca@debian.org>
Acked-by: Suren Baghdasaryan <surenb@google.com>
Cc: stable@vger.kernel.org # 6.5+
Link: https://lore.kernel.org/r/20231026164114.2488682-1-hannes@cmpxchg.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2023-11-28 17:15:00 +00:00
..
Makefile cgroup: Add misc cgroup controller 2021-04-04 13:34:46 -04:00
cgroup-internal.h cgroup: make cgroup_is_threaded() and cgroup_is_thread_root() static 2023-06-05 10:31:41 -10:00
cgroup-v1.c cgroup: Remove duplicates in cgroup v1 tasks file 2023-10-19 23:11:06 +02:00
cgroup.c sched: psi: fix unprivileged polling against cgroups 2023-11-28 17:15:00 +00:00
cpuset.c cgroup/cpuset: Inherit parent's load balance state in v2 2023-09-13 09:53:33 +02:00
debug.c kernel: cgroup: fix misuse of %x 2019-05-06 08:47:48 -07:00
freezer.c cgroup: cleanup comments 2022-03-13 19:19:27 -10:00
legacy_freezer.c cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex in freezer_css_{online,offline}() 2023-06-12 06:39:48 -10:00
misc.c cgroup/misc: Expose misc.current on cgroup v2 root 2023-06-21 10:43:29 -10:00
namespace.c cgroup:namespace: Remove unused cgroup_namespaces_init() 2023-09-13 09:53:43 +02:00
pids.c cgroup: add pids.peak interface for pids controller 2022-09-04 09:26:51 -10:00
rdma.c rdmacg: fix kernel-doc warnings in rdmacg 2023-06-05 09:45:14 -10:00
rstat.c cgroup: remove cgroup_rstat_flush_atomic() 2023-06-09 16:25:15 -07:00