From: Henrik Saari <henrik.saari@xxxxxxxxx> Security: Kernel OOM-killer and allocation denial use different rules Original patch created by Leonid Moiseichuk <leonid.moiseichuk@xxxxxxxxx> Fixes the issue with the oom killer and lowmem module being inconsistent; processes that are important enough to be protected from the oom killer should not be denied memory either. Signed-off-by: Henrik Saari <henrik.saari@xxxxxxxxx> Signed-off-by: Viktor Rosendahl <viktor.rosendahl@xxxxxxxxx> --- security/lowmem.c | 5 +++++ 1 files changed, 5 insertions(+), 0 deletions(-) diff --git a/security/lowmem.c b/security/lowmem.c index a627d51..113be75 100644 --- a/security/lowmem.c +++ b/security/lowmem.c @@ -9,6 +9,7 @@ #include <linux/pagemap.h> #include <linux/hugetlb.h> #include <linux/sysfs.h> +#include <linux/oom.h> #define MY_NAME "lowmem" @@ -207,6 +208,10 @@ static int low_vm_enough_memory(long pages) if (cap_sys_admin) return 0; + /* OOM unkillable process is allowed to consume memory */ + if (current->oomkilladj == OOM_DISABLE) + return 0; + /* uids from allowed_uids vector are also allowed no matter what */ for (i = 0; i < LOWMEM_MAX_UIDS && allowed_uids[i]; i++) if (current->uid == allowed_uids[i]) -- 1.5.6.3 -- To unsubscribe from this list: send the line "unsubscribe linux-omap" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
