+ allowing-user-processes-to-rise-their-oom_adj-value.patch added to -mm tree

akpm@xxxxxxxx · Mon, 06 Nov 2006 13:17:35 -0800

The patch titled
     Allow user processes to raise their oom_adj value
has been added to the -mm tree.  Its filename is
     allowing-user-processes-to-rise-their-oom_adj-value.patch

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

------------------------------------------------------
Subject: Allow user processes to raise their oom_adj value
From: Guillem Jover <guillem.jover@xxxxxxxxx>

Currently a user process cannot rise its own oom_adj value (i.e. 
unprotecting itself from the OOM killer).  As this value is stored in the
task structure it gets inherited and the unprivileged childs will be unable
to rise it.

The EPERM will be handled by the generic proc fs layer, as only processes
with the proper caps or the owner of the process will be able to write to
the file.  So we allow only the processes with CAP_SYS_RESOURCE to lower
the value, otherwise it will get an EACCES which seems more appropriate
than EPERM.

Signed-off-by: Guillem Jover <guillem.jover@xxxxxxxxx>
Cc: Andrea Arcangeli <andrea@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 fs/proc/base.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff -puN fs/proc/base.c~allowing-user-processes-to-rise-their-oom_adj-value fs/proc/base.c

--- a/fs/proc/base.c~allowing-user-processes-to-rise-their-oom_adj-value
+++ a/fs/proc/base.c
@@ -682,8 +682,6 @@ static ssize_t oom_adjust_write(struct f
 	char buffer[PROC_NUMBUF], *end;
 	int oom_adjust;
 
-	if (!capable(CAP_SYS_RESOURCE))
-		return -EPERM;
 	memset(buffer, 0, sizeof(buffer));
 	if (count > sizeof(buffer) - 1)
 		count = sizeof(buffer) - 1;
@@ -698,6 +696,10 @@ static ssize_t oom_adjust_write(struct f
 	task = get_proc_task(file->f_dentry->d_inode);
 	if (!task)
 		return -ESRCH;
+	if (oom_adjust < task->oomkilladj && !capable(CAP_SYS_RESOURCE)) {
+		put_task_struct(task);
+		return -EACCES;
+	}
 	task->oomkilladj = oom_adjust;
 	put_task_struct(task);
 	if (end - buffer == 0)
_

Patches currently in -mm which might be from guillem.jover@xxxxxxxxx are

allowing-user-processes-to-rise-their-oom_adj-value.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




