Re: [RFC][PATCH 0/2] Android style loosening of cgroup attach permissions

From: John Stultz
Date: Tue Jun 02 2015 - 15:07:34 EST

Next message: Laura Abbott: "[PATCH] [media] v4l2-ioctl: Give more information when device_caps are missing"
Previous message: Andreas Mohr: "pm: record / retain actual reason of last system wakeup??"
Next in thread: Tejun Heo: "Re: [RFC][PATCH 0/2] Android style loosening of cgroup attach permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 20, 2015 at 8:41 PM, John Stultz <john.stultz@xxxxxxxxxx> wrote:
> As a heads up, this is just a first RFC and not a submission.
>
> Android currently loosens the cgroup attchment permissions, allowing
> tasks with CAP_SYS_NICE to be able to allow tasks to move arbitrary
> tasks across cgroups.
>
> At first glance, overloading CAP_SYS_NICE seems a bit hackish, but this
> shows that there is a active and widely deployed use for different cgroup
> attachment rules then what is currently available.
>
> I've tried to rework the patches so this attachment policy is build
> time configurable, and wanted to send them out for review so folks
> might give their thoughts on this implementation and what they might
> see as a better way to go about achieving the same goal.
>
> Thoughts and feedback would be appriciated!

Ping? Not sure if I hit folks at a busy time or if I didn't cc the right folks?

thanks
-john
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Laura Abbott: "[PATCH] [media] v4l2-ioctl: Give more information when device_caps are missing"
Previous message: Andreas Mohr: "pm: record / retain actual reason of last system wakeup??"
Next in thread: Tejun Heo: "Re: [RFC][PATCH 0/2] Android style loosening of cgroup attach permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]