Re: [PATCH] psi: allow unprivileged users with CAP_SYS_RESOURCE to write psi files

From: Johannes Weiner
Date: Thu Apr 01 2021 - 15:48:02 EST

Next message: pr-tracker-bot: "Re: [git pull] drm fixes for 5.12-rc6"
Previous message: Suren Baghdasaryan: "Re: [PATCH 1/5] mm: reuse only-pte-mapped KSM page in do_wp_page()"
In reply to: Peter Zijlstra: "Re: [PATCH] psi: allow unprivileged users with CAP_SYS_RESOURCE to write psi files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 01, 2021 at 08:47:33AM +0200, Peter Zijlstra wrote:
> On Wed, Mar 31, 2021 at 11:31:56PM -0400, Josh Hunt wrote:
> > Currently only root can write files under /proc/pressure. Relax this to
> > allow tasks running as unprivileged users with CAP_SYS_RESOURCE to be
> > able to write to these files.
> >
> > Signed-off-by: Josh Hunt <johunt@xxxxxxxxxx>
>
> I suppose that's ok, but lets also ask Johannes.

The write creates a kthread that runs as SCHED_FIFO. For userspace
threads this is reserved for CAP_SYS_NICE tasks, but it's a kernel
thread and not arbitrary code, so I suppose CAP_SYS_RESOURCE is fine.

Acked-by: Johannes Weiner <hannes@xxxxxxxxxxx>

Next message: pr-tracker-bot: "Re: [git pull] drm fixes for 5.12-rc6"
Previous message: Suren Baghdasaryan: "Re: [PATCH 1/5] mm: reuse only-pte-mapped KSM page in do_wp_page()"
In reply to: Peter Zijlstra: "Re: [PATCH] psi: allow unprivileged users with CAP_SYS_RESOURCE to write psi files"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]