From: Gowrishankar M <gomut...@linux.vnet.ibm.com>
At present we scan all processes in init namespace, while getting or setting
process priorities for a user. Incase of PID namespace, it leads to leak
priority to processes in other namespace.
Below patch proposes to use new macro controller to fix the boundary of
processes list in current namespace.
Signed-off-by: Gowrishankar M <gowrishanka...@linux.vnet.ibm.com>
---
kernel/sys.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/kernel/sys.c b/kernel/sys.c
index 31deba8..50973de 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -181,7 +181,7 @@ asmlinkage long sys_setpriority(int which, int who, int
niceval)
if ((who != current->uid) && !(user =
find_user(who)))
goto out_unlock; /* No processes
for this user */
- do_each_thread(g, p)
+ do_each_thread_in_ns(g, p, current->nsproxy->pid_ns)
if (p->uid == who)
error = set_one_prio(p, niceval, error);
while_each_thread(g, p);
@@ -243,7 +243,7 @@ asmlinkage long sys_getpriority(int which, int who)
if ((who != current->uid) && !(user =
find_user(who)))
goto out_unlock; /* No processes
for this user */
- do_each_thread(g, p)
+ do_each_thread_in_ns(g, p, current->nsproxy->pid_ns)
if (p->uid == who) {
niceval = 20 - task_nice(p);
if (niceval > retval)
--
1.5.5.1
_______________________________________________
Containers mailing list
contain...@lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers
_______________________________________________
Devel mailing list
Devel@openvz.org
https://openvz.org/mailman/listinfo/devel
