On 22-May-19 4:41 PM, Nicolas Dichtel wrote:
move_pages() is only used to get the numa node id, but this function
is not allowed by default in docker (it needs CAP_SYS_NICE and an update of
the seccomp profile).
get_mempolicy() also requires CAP_SYS_NICE but doesn't need any change in
the default seccomp profile.
Note that the returned value of move_pages() was not checked, thus some
errors could be hidden (if the requested id was 0).
Signed-off-by: Nicolas Dichtel <nicolas.dich...@6wind.com>
Reviewed-by: Olivier Matz <olivier.m...@6wind.com>
Reviewed-by: Didier Pallard <didier.pall...@6wind.com>
---
I can see the check for move_pages and it's a good fix, but what is the
relation to docker init here? The patch by itself only enables handling
of move_pages() failure and adds nothing else. The commit message
doesn't match the patch in question IMO.
Also, Cc: stable and Fixes: ?
--
Thanks,
Anatoly
