| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 25 Jun 2017 00:27:17 -0400
From: Tejun Heo <tj@...nel.org>
To: Li Zefan <lizefan@...wei.com>, Johannes Weiner <hannes@...xchg.org>
Cc: cgroups@...r.kernel.org, Aravind Anbudurai <aru7@...com>,
linux-kernel@...r.kernel.org
Subject: [1/3] cgroup: "cgroup.subtree_control" should be writeable by
delegatee
"cgroup.subtree_control" determines which resource types a cgroup
wants to control. Unlike actual resource knobs, this is an attribute
which belongs to the cgroup itself instead of its parent and thus
should be writeable by the delegatee in a delegated cgroup.
Update delegation documentation accordingly.
Signed-off-by: Tejun Heo <tj@...nel.org>
---
Documentation/cgroup-v2.txt | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
--- a/Documentation/cgroup-v2.txt
+++ b/Documentation/cgroup-v2.txt
@@ -309,10 +309,11 @@ file.
2-5-1. Model of Delegation
A cgroup can be delegated to a less privileged user by granting write
-access of the directory and its "cgroup.procs" file to the user. Note
-that resource control interface files in a given directory control the
-distribution of the parent's resources and thus must not be delegated
-along with the directory.
+access of the directory and its "cgroup.procs" and
+"cgroup.subtree_control" files to the user. Note that resource
+control interface files in a given directory control the distribution
+of the parent's resources and thus must not be delegated along with
+the directory.
Once delegated, the user can build sub-hierarchy under the directory,
organize processes as it sees fit and further distribute the resources
Powered by blists - more mailing lists