[PATCH 4.14 0/3] cgroup: backports for CVE-2021-4197

Backport summary
----------------
1756d7994ad8 ("cgroup: Use open-time credentials for process migraton perm checks")
	* Cherry-pick from 4.19-stable, no modifications.

0d2b5955b362 ("cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv")
	* Cherry-pick from 4.19-stable, minor contextual adjustment.

e57457641613 ("cgroup: Use open-time cgroup namespace for process migration perm checks")
	* Cherry-pick from 4.19-stable, no modifications.

Testing
-------
There are no cgroup selftests in 4.14, but when running the ones from 4.19 on
the 4.14 kernel, all selftests pass:

root@intel-x86-64:~# ./test_core
ok 1 test_cgcore_internal_process_constraint
ok 2 test_cgcore_top_down_constraint_enable
ok 3 test_cgcore_top_down_constraint_disable
ok 4 test_cgcore_no_internal_process_constraint_on_threads
ok 5 test_cgcore_parent_becomes_threaded
ok 6 test_cgcore_invalid_domain
ok 7 test_cgcore_populated
ok 8 test_cgcore_lesser_euid_open
ok 9 test_cgcore_lesser_ns_open


Tejun Heo (3):
  cgroup: Use open-time credentials for process migraton perm checks
  cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
  cgroup: Use open-time cgroup namespace for process migration perm
    checks

 kernel/cgroup/cgroup-internal.h | 19 ++++++++
 kernel/cgroup/cgroup-v1.c       | 33 ++++++++------
 kernel/cgroup/cgroup.c          | 81 +++++++++++++++++++++++----------
 3 files changed, 95 insertions(+), 38 deletions(-)

-- 
2.25.1



