• Ben Segall's avatar
    pidns: fix set/getpriority and ioprio_set/get in PRIO_USER mode · 8639b461
    Ben Segall authored
    setpriority(PRIO_USER, 0, x) will change the priority of tasks outside of
    the current pid namespace.  This is in contrast to both the other modes of
    setpriority and the example of kill(-1).  Fix this.  getpriority and
    ioprio have the same failure mode, fix them too.
    Eric said:
    : After some more thinking about it this patch sounds justifiable.
    : My goal with namespaces is not to build perfect isolation mechanisms
    : as that can get into ill defined territory, but to build well defined
    : mechanisms.  And to handle the corner cases so you can use only
    : a single namespace with well defined results.
    : In this case you have found the two interfaces I am aware of that
    : identify processes by uid instead of by pid.  Which quite frankly is
    : weird.  Unfortunately the weird unexpected cases are hard to handle
    : in the usual way.
    : I was hoping for a little more information.  Changes like this one we
    : have to be careful of because someone might be depending on the current
    : behavior.  I don't think they are and I do think this make sense as part
    : of the pid namespace.
    Signed-off-by: default avatarBen Segall <bsegall@google.com>
    Cc: Oleg Nesterov <oleg@redhat.com>
    Cc: Al Viro <viro@zeniv.linux.org.uk>
    Cc: Ambrose Feinstein <ambrose@google.com>
    Acked-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
ioprio.c 5.07 KB