Commit 6d3971da authored by Christian Brauner, committed by Tejun Heo

cgroup: clarify cgroup_css_set_fork()



With recent fixes for the permission checking when moving a task into a cgroup
using a file descriptor to a cgroup's cgroup.procs file and calling write() it
seems a good idea to clarify CLONE_INTO_CGROUP permission checking with a
comment.

Cc: Tejun Heo <tj@kernel.org>
Cc: <cgroups@vger.kernel.org>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Tejun Heo <tj@kernel.org>
parent 05c7b7a9
+14 −0
@@ -6161,6 +6161,20 @@ static int cgroup_css_set_fork(struct kernel_clone_args *kargs)
	if (ret)
		goto err;

	/*
	 * Spawning a task directly into a cgroup works by passing a file
	 * descriptor to the target cgroup directory. This can even be an O_PATH
	 * file descriptor. But it can never be a cgroup.procs file descriptor.
	 * This was done on purpose so spawning into a cgroup could be
	 * conceptualized as an atomic
	 *
	 *   fd = openat(dfd_cgroup, "cgroup.procs", ...);
	 *   write(fd, <child-pid>, ...);
	 *
	 * sequence, i.e. it's a shorthand for the caller opening and writing
	 * cgroup.procs of the cgroup indicated by @dfd_cgroup. This allows us
	 * to always use the caller's credentials.
	 */
	ret = cgroup_attach_permissions(cset->dfl_cgrp, dst_cgrp, sb,
					!(kargs->flags & CLONE_THREAD),
					current->nsproxy->cgroup_ns);
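
Review bot: The new comment above the cgroup_attach_permissions() call ends on "This allows us to always use the caller's credentials" without saying what the alternative would be, so a reader who has not followed the cgroup.procs write() permission fixes mentioned in the commit message cannot tell why the distinction matters. Consider adding one sentence that contrasts this path with the open-then-write() path, and, if that is the reason current->nsproxy->cgroup_ns is passed in the call right below, say so explicitly. As a style point, "conceptualized as an atomic ... sequence" is split around the openat()/write() snippet; putting "sequence" before the snippet would make the sentence easier to read.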