Re: [PATCH v4 1/6] cgroup: unify attach permission checking

From: Christian Brauner
Date: Mon Jan 20 2020 - 09:46:36 EST

Next message: Andre Przywara: "Re: [PATCH 07/14] net: axienet: Fix SGMII support"
Previous message: Dmitry Vyukov: "Re: [PATCH 1/5] include/linux: Add instrumented.h infrastructure"
In reply to: Oleg Nesterov: "Re: [PATCH v4 1/6] cgroup: unify attach permission checking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 20, 2020 at 03:42:45PM +0100, Oleg Nesterov wrote:
> I guess I am totally confused, but...
>
> On 01/17, Christian Brauner wrote:
> >
> > +static inline bool cgroup_same_domain(const struct cgroup *src_cgrp,
> > + const struct cgroup *dst_cgrp)
> > +{
> > + return src_cgrp->dom_cgrp == dst_cgrp->dom_cgrp;
> > +}
> > +
> > +static int cgroup_attach_permissions(struct cgroup *src_cgrp,
> > + struct cgroup *dst_cgrp,
> > + struct super_block *sb, bool thread)
> > +{
> > + int ret = 0;
> > +
> > + ret = cgroup_procs_write_permission(src_cgrp, dst_cgrp, sb);
> > + if (ret)
> > + return ret;
> > +
> > + ret = cgroup_migrate_vet_dst(dst_cgrp);
> > + if (ret)
> > + return ret;
> > +
> > + if (thread &&
> > + !cgroup_same_domain(src_cgrp->dom_cgrp, dst_cgrp->dom_cgrp))
> ^^^^^^^^^^ ^^^^^^^^^^
>
> cgroup_same_domain(src_cgrp, dst_cgrp)
>
> no?
>
> And given that cgroup_same_domain() has no other users, perhaps it can
> simply check
>
> src_cgrp->dom_cgrp != dst_cgrp->dom_cgrp

Yeah, I just added it because the helper is very descriptive given its
name. Maybe too descriptive given my braino.
I'll just remove it in favor of this check and give it a small comment.

Thanks!
Christian

Next message: Andre Przywara: "Re: [PATCH 07/14] net: axienet: Fix SGMII support"
Previous message: Dmitry Vyukov: "Re: [PATCH 1/5] include/linux: Add instrumented.h infrastructure"
In reply to: Oleg Nesterov: "Re: [PATCH v4 1/6] cgroup: unify attach permission checking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]