aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/sched.c
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/sched.c')
-rw-r--r--kernel/sched.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/kernel/sched.c b/kernel/sched.c
index e4bb1dd7b308..33cf4a1cbcd1 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -345,7 +345,9 @@ static inline struct task_group *task_group(struct task_struct *p)
345 struct task_group *tg; 345 struct task_group *tg;
346 346
347#ifdef CONFIG_USER_SCHED 347#ifdef CONFIG_USER_SCHED
348 tg = p->user->tg; 348 rcu_read_lock();
349 tg = __task_cred(p)->user->tg;
350 rcu_read_unlock();
349#elif defined(CONFIG_CGROUP_SCHED) 351#elif defined(CONFIG_CGROUP_SCHED)
350 tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id), 352 tg = container_of(task_subsys_state(p, cpu_cgroup_subsys_id),
351 struct task_group, css); 353 struct task_group, css);
@@ -5134,6 +5136,22 @@ __setscheduler(struct rq *rq, struct task_struct *p, int policy, int prio)
5134 set_load_weight(p); 5136 set_load_weight(p);
5135} 5137}
5136 5138
5139/*
5140 * check the target process has a UID that matches the current process's
5141 */
5142static bool check_same_owner(struct task_struct *p)
5143{
5144 const struct cred *cred = current_cred(), *pcred;
5145 bool match;
5146
5147 rcu_read_lock();
5148 pcred = __task_cred(p);
5149 match = (cred->euid == pcred->euid ||
5150 cred->euid == pcred->uid);
5151 rcu_read_unlock();
5152 return match;
5153}
5154
5137static int __sched_setscheduler(struct task_struct *p, int policy, 5155static int __sched_setscheduler(struct task_struct *p, int policy,
5138 struct sched_param *param, bool user) 5156 struct sched_param *param, bool user)
5139{ 5157{
@@ -5193,8 +5211,7 @@ recheck:
5193 return -EPERM; 5211 return -EPERM;
5194 5212
5195 /* can't change other user's priorities */ 5213 /* can't change other user's priorities */
5196 if ((current->euid != p->euid) && 5214 if (!check_same_owner(p))
5197 (current->euid != p->uid))
5198 return -EPERM; 5215 return -EPERM;
5199 } 5216 }
5200 5217
@@ -5426,8 +5443,7 @@ long sched_setaffinity(pid_t pid, const cpumask_t *in_mask)
5426 read_unlock(&tasklist_lock); 5443 read_unlock(&tasklist_lock);
5427 5444
5428 retval = -EPERM; 5445 retval = -EPERM;
5429 if ((current->euid != p->euid) && (current->euid != p->uid) && 5446 if (!check_same_owner(p) && !capable(CAP_SYS_NICE))
5430 !capable(CAP_SYS_NICE))
5431 goto out_unlock; 5447 goto out_unlock;
5432 5448
5433 retval = security_task_setscheduler(p, 0, NULL); 5449 retval = security_task_setscheduler(p, 0, NULL);