From: Henrik Saari <[EMAIL PROTECTED]>
Security: Kernel OOM-killer and allocation denial use different rules
Original patch created by Leonid Moiseichuk <[EMAIL PROTECTED]>
Fixes the issue with the oom killer and lowmem module being inconsistent;
processes that are important enough to be protected from the oom killer should
not be denied memory either.
Signed-off-by: Henrik Saari <[EMAIL PROTECTED]>
Signed-off-by: Viktor Rosendahl <[EMAIL PROTECTED]>
---
security/lowmem.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/security/lowmem.c b/security/lowmem.c
index a627d51..113be75 100644
--- a/security/lowmem.c
+++ b/security/lowmem.c
@@ -9,6 +9,7 @@
#include <linux/pagemap.h>
#include <linux/hugetlb.h>
#include <linux/sysfs.h>
+#include <linux/oom.h>
#define MY_NAME "lowmem"
@@ -207,6 +208,10 @@ static int low_vm_enough_memory(long pages)
if (cap_sys_admin)
return 0;
+ /* OOM unkillable process is allowed to consume memory */
+ if (current->oomkilladj == OOM_DISABLE)
+ return 0;
+
/* uids from allowed_uids vector are also allowed no matter
what */
for (i = 0; i < LOWMEM_MAX_UIDS && allowed_uids[i]; i++)
if (current->uid == allowed_uids[i])
--
1.5.6.3
--
To unsubscribe from this list: send the line "unsubscribe linux-omap" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
