[PATCH] VM: add capabilites check to set_zone_reclaim

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add a capability check to sys_set_zone_reclaim(). This syscall is not
something that should be available to a user.

Signed-off-by: Martin Hicks <mort@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

authored by

Martin Hicks and committed by

Linus Torvalds 20 years ago bce5f6ba 242e5468

2 changed files

expand all

include

linux

capability.h

vmscan.c

include/linux/capability.h

··· 233 233 /* Allow enabling/disabling tagged queuing on SCSI controllers and sending 234 234 arbitrary SCSI commands */ 235 235 /* Allow setting encryption key on loopback filesystem */ 236 + /* Allow setting zone reclaim policy */ 236 237 237 238 #define CAP_SYS_ADMIN 21 238 239

mm/vmscan.c

··· 1375 1375 struct zone *z; 1376 1376 int i; 1377 1377 1378 + if (!capable(CAP_SYS_ADMIN)) 1379 + return -EACCES; 1380 + 1378 1381 if (node >= MAX_NUMNODES || !node_online(node)) 1379 1382 return -EINVAL; 1380 1383