On Tue, Feb 08, 2022 at 07:24:02PM +0100, Michal Koutný wrote:
> From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
>
> The cgroup release_agent is called with call_usermodehelper. The function
> call_usermodehelper starts the release_agent with a full set fo capabilities.
> Therefore require capabilities when setting the release_agaent.
>
> [ Upstream commit 24f6008564183aa120d07c03d9289519c2fe02af ]
>
> Reported-by: Tabitha Sable <tabitha.c.sable@xxxxxxxxx>
> Tested-by: Tabitha Sable <tabitha.c.sable@xxxxxxxxx>
> Fixes: 81a6a5cdd2c5 ("Task Control Groups: automatic userspace notification of idle cgroups")
> Cc: stable@xxxxxxxxxxxxxxx # v2.6.24+
> Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
> Signed-off-by: Tejun Heo <tj@xxxxxxxxxx>
> [mkoutny: Adjust for pre-fs_context, duplicate mount/remount check, drop log messages.]
> Acked-by: Michal Koutný <mkoutny@xxxxxxxx>
> ---
>
> Hello,
> FWIW, I'm sharing v4.12 backport of the aforementioned patch (v4.12 is not
> actual stable but someone may find it useful).
What about 4.19 and 4.14 versions? Those would be useful :)
thanks,
greg k-h
