diff options
author | Martin Hicks <mort@sgi.com> | 2005-09-03 15:54:50 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@evo.osdl.org> | 2005-09-05 00:05:44 -0700 |
commit | bce5f6ba340b09d8b29902add204bb95a6d3d88b (patch) | |
tree | 1cfeea969fa5848f0a8d31394829aec5c8571a79 | |
parent | 242e54686257493f0b10ac557e730419d9af7d24 (diff) | |
download | lwn-bce5f6ba340b09d8b29902add204bb95a6d3d88b.tar.gz lwn-bce5f6ba340b09d8b29902add204bb95a6d3d88b.zip |
[PATCH] VM: add capabilites check to set_zone_reclaim
Add a capability check to sys_set_zone_reclaim(). This syscall is not
something that should be available to a user.
Signed-off-by: Martin Hicks <mort@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | include/linux/capability.h | 1 | ||||
-rw-r--r-- | mm/vmscan.c | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/include/linux/capability.h b/include/linux/capability.h index 8d139f4acf23..6b4618902d3d 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -233,6 +233,7 @@ typedef __u32 kernel_cap_t; /* Allow enabling/disabling tagged queuing on SCSI controllers and sending arbitrary SCSI commands */ /* Allow setting encryption key on loopback filesystem */ +/* Allow setting zone reclaim policy */ #define CAP_SYS_ADMIN 21 diff --git a/mm/vmscan.c b/mm/vmscan.c index cfffe5098d53..ab631a3c62c3 100644 --- a/mm/vmscan.c +++ b/mm/vmscan.c @@ -1375,6 +1375,9 @@ asmlinkage long sys_set_zone_reclaim(unsigned int node, unsigned int zone, struct zone *z; int i; + if (!capable(CAP_SYS_ADMIN)) + return -EACCES; + if (node >= MAX_NUMNODES || !node_online(node)) return -EINVAL; |