cgroup: unify attach permission checking

{

	DEFINE_CGROUP_MGCTX(mgctx);

	struct task_struct *task;

	int ret;

	ret = cgroup_migrate_vet_dst(dst_cgrp);

	if (ret)

		return ret;

	int ret = 0;

	/* look up all src csets */

	spin_lock_irq(&css_set_lock);

	return 0;

}

static int cgroup_attach_permissions(struct cgroup *src_cgrp,

				     struct cgroup *dst_cgrp,

				     struct super_block *sb, bool threadgroup)

{

	int ret = 0;

	ret = cgroup_procs_write_permission(src_cgrp, dst_cgrp, sb);

	if (ret)

		return ret;

	ret = cgroup_migrate_vet_dst(dst_cgrp);

	if (ret)

		return ret;

	if (!threadgroup && (src_cgrp->dom_cgrp != dst_cgrp->dom_cgrp))

		ret = -EOPNOTSUPP;

	return ret;

}

static ssize_t cgroup_procs_write(struct kernfs_open_file *of,

				  char *buf, size_t nbytes, loff_t off)

{

	src_cgrp = task_cgroup_from_root(task, &cgrp_dfl_root);

	spin_unlock_irq(&css_set_lock);

	ret = cgroup_procs_write_permission(src_cgrp, dst_cgrp,

					    of->file->f_path.dentry->d_sb);

	ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,

					of->file->f_path.dentry->d_sb, true);

	if (ret)

		goto out_finish;

	spin_unlock_irq(&css_set_lock);

	/* thread migrations follow the cgroup.procs delegation rule */

	ret = cgroup_procs_write_permission(src_cgrp, dst_cgrp,

					    of->file->f_path.dentry->d_sb);

	ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,

					of->file->f_path.dentry->d_sb, false);

	if (ret)

		goto out_finish;

	/* and must be contained in the same domain */

	ret = -EOPNOTSUPP;

	if (src_cgrp->dom_cgrp != dst_cgrp->dom_cgrp)

		goto out_finish;

	ret = cgroup_attach_task(dst_cgrp, task, false);

out_finish: