| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Dec 2007 15:03:32 -0600 From: "Serge E. Hallyn" <serue@...ibm.com> To: lkml <linux-kernel@...r.kernel.org>, Andrew Morton <akpm@...l.org> Cc: Andrew Morgan <morgan@...nel.org>, linux-security-module@...r.kernel.org, Chris Wright <chrisw@...s-sol.org> Subject: [PATCH 1/1] capabilities: oom_kill: don't set PF_SUPERPRIV for oom check >From ed2e7764917fd56d9743630bd7072f67ff30adc2 Mon Sep 17 00:00:00 2001 From: Serge Hallyn <serue@...ibm.com> Date: Wed, 26 Dec 2007 15:04:50 -0800 Subject: [PATCH 1/1] capabilities: oom_kill: don't set PF_SUPERPRIV for oom check With 64-bit capabilities came an inadvertent change such that the check for a privileged process, to make it less likely to be killed when out of memory, sets PF_SUPERPRIV, which it did not do before. This patch restores the original behavior of not setting the PF_SUPERPRIV bit when checking for privileged processes. Signed-off-by: Serge Hallyn <serue@...ibm.com> Acked-by: Andrew G. Morgan <morgan@...nel.org> --- include/linux/capability.h | 2 ++ mm/oom_kill.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletions(-) diff --git a/include/linux/capability.h b/include/linux/capability.h index 7d50ff6..0acdd65 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h @@ -490,6 +490,8 @@ extern const kernel_cap_t __cap_init_eff_set; int capable(int cap); int __capable(struct task_struct *t, int cap); +#define CAPABLE_PROBE_ONLY(a,b) (!security_capable(a,b)) + extern long cap_prctl_drop(unsigned long cap); #endif /* __KERNEL__ */ diff --git a/mm/oom_kill.c b/mm/oom_kill.c index 9fd8d5d..cd515f8 100644 --- a/mm/oom_kill.c +++ b/mm/oom_kill.c @@ -128,7 +128,8 @@ unsigned long badness(struct task_struct *p, unsigned long uptime, * Superuser processes are usually more important, so we make it * less likely that we kill those. */ - if (__capable(p, CAP_SYS_ADMIN) || __capable(p, CAP_SYS_RESOURCE)) + if (CAPABLE_PROBE_ONLY(p, CAP_SYS_ADMIN) || + CAPABLE_PROBE_ONLY(p, CAP_SYS_RESOURCE)) points /= 4; /* -- 1.5.1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists