aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSerge E. Hallyn <serue@us.ibm.com>2008-02-05 01:29:47 -0500
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2008-02-05 12:44:20 -0500
commit97829955ad291acec1d8b94e9911b3ceb1118bb1 (patch)
tree4af91977d82494375e09a961594f83ca77f253d7
parent3b7391de67da515c91f48aa371de77cb6cc5c07e (diff)
oom_kill: remove uid==0 checks
Root processes are considered more important when out of memory and killing proceses. The check for CAP_SYS_ADMIN was augmented with a check for uid==0 or euid==0. There are several possible ways to look at this: 1. uid comparisons are unnecessary, trust CAP_SYS_ADMIN alone. However CAP_SYS_RESOURCE is the one that really means "give me extra resources" so allow for that as well. 2. Any privileged code should be protected, but uid is not an indication of privilege. So we should check whether any capabilities are raised. 3. uid==0 makes processes on the host as well as in containers more important, so we should keep the existing checks. 4. uid==0 makes processes only on the host more important, even without any capabilities. So we should be keeping the (uid==0||euid==0) check but only when userns==&init_user_ns. I'm following number 1 here. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Cc: Andrew Morgan <morgan@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--mm/oom_kill.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/mm/oom_kill.c b/mm/oom_kill.c
index 320d74e707af..c1850bf991cd 100644
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -125,7 +125,7 @@ unsigned long badness(struct task_struct *p, unsigned long uptime)
125 * Superuser processes are usually more important, so we make it 125 * Superuser processes are usually more important, so we make it
126 * less likely that we kill those. 126 * less likely that we kill those.
127 */ 127 */
128 if (__capable(p, CAP_SYS_ADMIN) || p->uid == 0 || p->euid == 0) 128 if (__capable(p, CAP_SYS_ADMIN) || __capable(p, CAP_SYS_RESOURCE))
129 points /= 4; 129 points /= 4;
130 130
131 /* 131 /*