Hi Andrew Morgan,
does this patch look reasonable to you?
thanks,
-serge
>From ed2e7764917fd56d9743630bd7072f67ff30adc2 Mon Sep 17 00:00:00 2001
From: [EMAIL PROTECTED] <[EMAIL PROTECTED](none)>
Date: Wed, 26 Dec 2007 15:04:50 -0800
Subject: [PATCH 1/1] capabilities: oom_kill: don't set PF_SUPERPRIV for oom
check
With 64-bit capabilities came an inadvertent change such
that the check for a privileged process, to make it less
likely to be killed when out of memory, sets PF_SUPERPRIV,
which it did not do before.
This patch restores the original behavior of not setting the
PF_SUPERPRIV bit when checking for privileged processes.
Signed-off-by: [EMAIL PROTECTED] <[EMAIL PROTECTED](none)>
---
include/linux/capability.h | 2 ++
mm/oom_kill.c | 3 ++-
2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/include/linux/capability.h b/include/linux/capability.h
index 7d50ff6..0acdd65 100644
--- a/include/linux/capability.h
+++ b/include/linux/capability.h
@@ -490,6 +490,8 @@ extern const kernel_cap_t __cap_init_eff_set;
int capable(int cap);
int __capable(struct task_struct *t, int cap);
+#define CAPABLE_PROBE_ONLY(a,b) (!security_capable(a,b))
+
extern long cap_prctl_drop(unsigned long cap);
#endif /* __KERNEL__ */
diff --git a/mm/oom_kill.c b/mm/oom_kill.c
index 9fd8d5d..cd515f8 100644
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -128,7 +128,8 @@ unsigned long badness(struct task_struct *p, unsigned long
uptime,
* Superuser processes are usually more important, so we make it
* less likely that we kill those.
*/
- if (__capable(p, CAP_SYS_ADMIN) || __capable(p, CAP_SYS_RESOURCE))
+ if (CAPABLE_PROBE_ONLY(p, CAP_SYS_ADMIN) ||
+ CAPABLE_PROBE_ONLY(p, CAP_SYS_RESOURCE))
points /= 4;
/*
--
1.5.1
-
To unsubscribe from this list: send the line "unsubscribe
linux-security-module" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
