From patchwork Wed Mar 1 01:46:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Suren Baghdasaryan
X-Patchwork-Id: 13155419
Date: Tue, 28 Feb 2023 17:46:51 -0800
Message-ID: <20230301014651.1370939-1-surenb@google.com>
Subject: [PATCH 1/1] cgroup: limit cgroup psi file writes to processes with CAP_SYS_RESOURCE
From: Suren Baghdasaryan
To: tj@kernel.org
Cc: hannes@cmpxchg.org, lizefan.x@bytedance.com, peterz@infradead.org, johunt@akamai.com, mhocko@suse.com, quic_sudaraja@quicinc.com, cgroups@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Suren Baghdasaryan

Currently /proc/pressure/* files can be written only by processes with
CAP_SYS_RESOURCE capability to prevent any unauthorized user from
creating psi triggers. However no such limitation is required for
per-cgroup pressure files. Fix this inconsistency by requiring the same
capability for writing per-cgroup psi files.

Fixes: 6db12ee0456d ("psi: allow unprivileged users with CAP_SYS_RESOURCE to write psi files")
Signed-off-by: Suren Baghdasaryan
--- kernel/cgroup/cgroup.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c index 935e8121b21e..b600a6baaeca 100644 --- a/kernel/cgroup/cgroup.c +++ b/kernel/cgroup/cgroup.c @@ -3867,6 +3867,12 @@ static __poll_t cgroup_pressure_poll(struct kernfs_open_file *of, return psi_trigger_poll(&ctx->psi.trigger, of->file, pt); } +static int cgroup_pressure_open(struct kernfs_open_file *of) +{ + return (of->file->f_mode & FMODE_WRITE && !capable(CAP_SYS_RESOURCE)) ? + -EPERM : 0; +} + static void cgroup_pressure_release(struct kernfs_open_file *of) { struct cgroup_file_ctx *ctx = of->priv; 
@@ -5266,6 +5272,7 @@ static struct cftype cgroup_psi_files[] = { { .name = "io.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_IO]), + .open = cgroup_pressure_open, .seq_show = cgroup_io_pressure_show, .write = cgroup_io_pressure_write, .poll = cgroup_pressure_poll, @@ -5274,6 +5281,7 @@ static struct cftype cgroup_psi_files[] = { { .name = "memory.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_MEM]), + .open = cgroup_pressure_open, .seq_show = cgroup_memory_pressure_show, .write = cgroup_memory_pressure_write, .poll = cgroup_pressure_poll, @@ -5282,6 +5290,7 @@ static struct cftype cgroup_psi_files[] = { { .name = "cpu.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_CPU]), + .open = cgroup_pressure_open, .seq_show = cgroup_cpu_pressure_show, .write = cgroup_cpu_pressure_write, .poll = cgroup_pressure_poll, @@ -5291,6 +5300,7 @@ static struct cftype cgroup_psi_files[] = { { .name = "irq.pressure", .file_offset = offsetof(struct cgroup, psi_files[PSI_IRQ]), + .open = cgroup_pressure_open, .seq_show = cgroup_irq_pressure_show, .write = cgroup_irq_pressure_write, .poll = cgroup_pressure_poll,
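Review bot: In cgroup_pressure_open() (first hunk, @@ -3867), `capable(CAP_SYS_RESOURCE)` tests the capability against the initial user namespace, so a process writing to the pressure files of a cgroup delegated to it inside a user namespace will now get -EPERM on every write open. If that is the intended outcome, the commit message should say so explicitly, since it changes behaviour for delegated cgroups; if it is not, a namespace-aware check is worth considering. The test is also made on `f_mode & FMODE_WRITE` at open time, so an O_RDWR open that only ever reads the file is refused as well. On style, the mixed `&` and `&&` inside the ternary would read more clearly as an explicit `if (...) return -EPERM;` followed by `return 0;`, with a one-line comment saying that write access is restricted because it creates psi triggers.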
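Review bot: In the cgroup_psi_files[] hunks, `.open = cgroup_pressure_open,` is added by hand to each of the io.pressure, memory.pressure, cpu.pressure and irq.pressure entries, so a pressure file added to this array later with a `.write` handler would silently lack the capability check. A short comment above the array stating that every writable pressure file must set this `.open` handler would make the requirement visible. The diffstat shows only kernel/cgroup/cgroup.c changing; because this alters who may open these files for writing, the user-facing cgroup and psi documentation should be updated in the same patch to state the CAP_SYS_RESOURCE requirement.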