>> Of course, we recommend to drop privileges as far as possible >> instead of keeping them. Thus, oom killer don't have to check >> any capability. It implicitly suggest wrong programming style. >> >> This patch change root process check way from CAP_SYS_ADMIN to >> just euid==0. > > I like this but I have some comments. > Firstly, it's not dependent with your series so I think this could > be merged firstly. I agree. > Before that, I would like to make clear my concern. > As I look below comment, 3% bonus is dependent with __vm_enough_memory's logic? No. completely independent. vm_enough_memory() check the task _can_ allocate more memory. IOW, the task is subjective. And oom-killer check the task should be protected from oom-killer. IOW, the task is objective. > If it isn't, we can remove the comment. It would be another patch. > If is is, could we change __vm_enough_memory for euid instead of cap? > > * Root processes get 3% bonus, just like the __vm_enough_memory() > * implementation used by LSMs. vm_enough_memory() is completely correct. I don't see any reason to change it. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>