diff options
author | Jeremy Fitzhardinge <jeremy@goop.org> | 2008-08-03 12:33:03 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-08-04 20:16:20 -0400 |
commit | 725aad24c3ba96a7c06448c14c265a466cdbd663 (patch) | |
tree | bbe0eae923736950030751651f70f3ace4cc7693 /kernel | |
parent | 5941de8eadc287f3f47b87ce9888734ee07d210b (diff) |
__sched_setscheduler: don't do any policy checks when not "user"
The "user" parameter to __sched_setscheduler indicates whether the
change is being done on behalf of a user process or not. If not, we
shouldn't apply any permissions checks, so don't call
security_task_setscheduler().
Signed-off-by: Jeremy Fitzhardinge <jeremy@goop.org>
Tested-by: Steve Wise <swise@opengridcomputing.com>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/sched.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/kernel/sched.c b/kernel/sched.c index 21f7da94662e..04160d277e7a 100644 --- a/kernel/sched.c +++ b/kernel/sched.c | |||
@@ -5004,19 +5004,21 @@ recheck: | |||
5004 | return -EPERM; | 5004 | return -EPERM; |
5005 | } | 5005 | } |
5006 | 5006 | ||
5007 | if (user) { | ||
5007 | #ifdef CONFIG_RT_GROUP_SCHED | 5008 | #ifdef CONFIG_RT_GROUP_SCHED |
5008 | /* | 5009 | /* |
5009 | * Do not allow realtime tasks into groups that have no runtime | 5010 | * Do not allow realtime tasks into groups that have no runtime |
5010 | * assigned. | 5011 | * assigned. |
5011 | */ | 5012 | */ |
5012 | if (user | 5013 | if (rt_policy(policy) && task_group(p)->rt_bandwidth.rt_runtime == 0) |
5013 | && rt_policy(policy) && task_group(p)->rt_bandwidth.rt_runtime == 0) | 5014 | return -EPERM; |
5014 | return -EPERM; | ||
5015 | #endif | 5015 | #endif |
5016 | 5016 | ||
5017 | retval = security_task_setscheduler(p, policy, param); | 5017 | retval = security_task_setscheduler(p, policy, param); |
5018 | if (retval) | 5018 | if (retval) |
5019 | return retval; | 5019 | return retval; |
5020 | } | ||
5021 | |||
5020 | /* | 5022 | /* |
5021 | * make sure no PI-waiters arrive (or leave) while we are | 5023 | * make sure no PI-waiters arrive (or leave) while we are |
5022 | * changing the priority of the task: | 5024 | * changing the priority of the task: |