On Fri, Sep 04, 2020 at 06:00:31PM +0200, Christian Göttsche wrote: > sched_setattr(2) does via kernel/sched/core.c:__sched_setscheduler() > issue a CAP_SYS_NICE audit event unconditionally, even when the requested > operation does not require that capability / is un-privileged. > > Perform privilged/unprivileged catigorization first and perform a > capable test only if needed. > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > --- > kernel/sched/core.c | 65 ++++++++++++++++++++++++++++++++------------- > 1 file changed, 47 insertions(+), 18 deletions(-) So who sodding cares about audit, and why is that a reason to make a trainwreck of code?
