Quoting Gowrishankar M (gowrishankar.m@xxxxxxxxxxxxxxxxxx): > From: Gowrishankar M <gomuthuk@xxxxxxxxxxxxxxxxxx> > > At present we scan all processes in init namespace, while getting or setting > process priorities for a user. Incase of PID namespace, it leads to leak > priority to processes in other namespace. > > Below patch proposes to use new macro controller to fix the boundary of > processes list in current namespace. > > Signed-off-by: Gowrishankar M <gowrishankar.m@xxxxxxxxxxxxxxxxxx> Acked-by: Serge Hallyn <serue@xxxxxxxxxx> > --- > kernel/sys.c | 4 ++-- > 1 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/kernel/sys.c b/kernel/sys.c > index 31deba8..50973de 100644 > --- a/kernel/sys.c > +++ b/kernel/sys.c > @@ -181,7 +181,7 @@ asmlinkage long sys_setpriority(int which, int who, int niceval) > if ((who != current->uid) && !(user = find_user(who))) > goto out_unlock; /* No processes for this user */ > > - do_each_thread(g, p) > + do_each_thread_in_ns(g, p, current->nsproxy->pid_ns) > if (p->uid == who) > error = set_one_prio(p, niceval, error); > while_each_thread(g, p); > @@ -243,7 +243,7 @@ asmlinkage long sys_getpriority(int which, int who) > if ((who != current->uid) && !(user = find_user(who))) > goto out_unlock; /* No processes for this user */ > > - do_each_thread(g, p) > + do_each_thread_in_ns(g, p, current->nsproxy->pid_ns) > if (p->uid == who) { > niceval = 20 - task_nice(p); > if (niceval > retval) > -- > 1.5.5.1 _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers