proc: allow access in init userns for map_files with CAP_CHECKPOINT_RESTORE - linux-dev - Linux kernel development work

diff options

author	Adrian Reber <areber@redhat.com>	2020-07-19 12:04:14 +0200
committer	Christian Brauner <christian.brauner@ubuntu.com>	2020-07-19 20:14:42 +0200
commit	12886f8ab10ce6a09af1d92535d49c81aaa215a8 (patch)
tree	5216c20df0841870c59b86e55c52d5860d948900 /kernel/sys.c
parent	pid_namespace: use checkpoint_restore_ns_capable() for ns_last_pid (diff)
download	linux-dev-12886f8ab10ce6a09af1d92535d49c81aaa215a8.tar.xz linux-dev-12886f8ab10ce6a09af1d92535d49c81aaa215a8.zip

proc: allow access in init userns for map_files with CAP_CHECKPOINT_RESTORE

Opening files in /proc/pid/map_files when the current user is CAP_CHECKPOINT_RESTORE capable in the root namespace is useful for checkpointing and restoring to recover files that are unreachable via the file system such as deleted files, or memfd files. Signed-off-by: Adrian Reber <areber@redhat.com> Signed-off-by: Nicolas Viennot <Nicolas.Viennot@twosigma.com> Reviewed-by: Cyrill Gorcunov <gorcunov@gmail.com> Reviewed-by: Serge Hallyn <serge@hallyn.com> Link: https://lore.kernel.org/r/20200719100418.2112740-5-areber@redhat.com Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Diffstat (limited to 'kernel/sys.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: