Security: Kernel OOM-killer and allocation denial use different rules

Security: Kernel OOM-killer and allocation denial use different rules Original patch created by Leonid Moiseichuk <leonid.moiseichuk@nokia.com> Fixes the issue with the oom killer and lowmem module being inconsistent; processes that are important enough to be protected from the oom killer should not be denied memory either. Signed-off-by: Henrik Saari <henrik.saari@nokia.com> Signed-off-by: Viktor Rosendahl <viktor.rosendahl@nokia.com> Signed-off-by: Tony Lindgren <tony@atomide.com>

Security: Kernel OOM-killer and allocation denial use different rules
Security: Kernel OOM-killer and allocation denial use different rules Original patch created by Leonid Moiseichuk <leonid.moiseichuk@nokia.com> Fixes the issue with the oom killer and lowmem module being inconsistent; processes that are important enough to be protected from the oom killer should not be denied memory either. Signed-off-by: Henrik Saari <henrik.saari@nokia.com> Signed-off-by: Viktor Rosendahl <viktor.rosendahl@nokia.com> Signed-off-by: Tony Lindgren <tony@atomide.com>
ad27614b · Henrik Saari · Tony Lindgren · 74fcfe9c · ad27614b
Commit ad27614b authored Sep 11, 2008 by Henrik Saari Committed by Tony Lindgren Sep 12, 2008
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

security/lowmem.c security/lowmem.c +5 -0

No files found.
--- a/security/lowmem.c
+++ b/security/lowmem.c
@@ -9,6 +9,7 @@
 #include <linux/pagemap.h>
 #include <linux/hugetlb.h>
 #include <linux/sysfs.h>
+#include <linux/oom.h>

 #define MY_NAME "lowmem"

@@ -207,6 +208,10 @@ static int low_vm_enough_memory(long pages)
 		if (cap_sys_admin)
 			return 0;

+		/* OOM unkillable process is allowed to consume memory */
+		if (current->oomkilladj == OOM_DISABLE)
+			return 0;
+
 		/* uids from allowed_uids vector are also allowed no matter what */
 		for (i = 0; i < LOWMEM_MAX_UIDS && allowed_uids[i]; i++)
 			if (current->uid == allowed_uids[i])