Skip to content

GitLab

Switch branch/tag
History Find file
Clone
cgroup-v1: Require capabilities to set release_agent
Eric W. Biederman authored 
commit 24f60085

 upstream.

The cgroup release_agent is called with call_usermodehelper.  The function
call_usermodehelper starts the release_agent with a full set fo capabilities.
Therefore require capabilities when setting the release_agaent.
Reported-by: default avatarTabitha Sable <tabitha.c.sable@gmail.com>
Tested-by: default avatarTabitha Sable <tabitha.c.sable@gmail.com>
Fixes: 81a6a5cd

 ("Task Control Groups: automatic userspace notification of idle cgroups")
Cc: stable@vger.kernel.org # v2.6.24+
Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: default avatarTejun Heo <tj@kernel.org>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
9c9dbb95
Name Last commit Last update
Documentation dt-bindings: can: tcan4x5x: fix mram-cfg RX FIFO config
LICENSES LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes"
arch KVM: nVMX: Allow VMREAD when Enlightened VMCS is in use
block block: Fix wrong offset in bio_truncate()
certs certs: Add support for using elliptic curve keys for signing modules
crypto crypto: jitter - consider 32 LSB for APT
drivers drm/vc4: hdmi: Make sure the device is powered with CEC
fs ceph: put the requests/sessions when it fails to alloc memory
include psi: fix "no previous prototype" warnings when CONFIG_CGROUPS=n
init kbuild: Fix -Wimplicit-fallthrough=5 error for GCC 5.x and 6.x
ipc shm: extend forced shm destroy to support objects from several IPC nses
kernel cgroup-v1: Require capabilities to set release_agent
lib lib/test_meminit: destroy cache in kmem_cache_alloc_bulk() test
mm memcg: better bounds on the memcg stats updates
net net: bridge: vlan: fix memory leak in __allowed_ingress
samples samples: bpf: Fix 'unknown warning group' build warning on Clang
scripts scripts: sphinx-pre-install: Fix ctex support on Debian
security security, lsm: dentry_init_security() Handle multi LSM registration
sound ASoC: SOF: handle paused streams during system suspend
tools selftests: mptcp: fix ipv6 routing setup
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage
virt Revert "KVM: SVM: avoid infinite loop on NPF from bad address"
.clang-format clang-format: Update with the latest for_each macro list
.cocciconfig scripts: add Linux .cocciconfig for coccinelle
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl
.gitattributes
.gitignore
.mailmap
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS
Makefile
README
README
Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.