git.baikalelectronics.ru Git - kernel.git/commit

author	David Rientjes <rientjes@google.com>
	Tue, 1 Nov 2011 00:07:18 +0000 (17:07 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 1 Nov 2011 00:30:45 +0000 (17:30 -0700)
commit	e72c499e54dfac181d1ada0510310d580408a663
tree	5ab7070237ebd3f40d7fcfc0066586422da8310a	tree \| snapshot
parent	6ca0b4e7a9c5a2983d774cc25a099189eaf3060c	commit \| diff

oom: fix race while temporarily setting current's oom_score_adj

test_set_oom_score_adj() was introduced in 51dd782f5f2a ("oom: replace
PF_OOM_ORIGIN with toggling oom_score_adj") to temporarily elevate
current's oom_score_adj for ksm and swapoff without requiring an
additional per-process flag.

Using that function to both set oom_score_adj to OOM_SCORE_ADJ_MAX and
then reinstate the previous value is racy since it's possible that
userspace can set the value to something else itself before the old value
is reinstated. That results in userspace setting current's oom_score_adj
to a different value and then the kernel immediately setting it back to
its previous value without notification.

To fix this, a new compare_swap_oom_score_adj() function is introduced
with the same semantics as the compare and swap CAS instruction, or
CMPXCHG on x86. It is used to reinstate the previous value of
oom_score_adj if and only if the present value is the same as the old
value.

Signed-off-by: David Rientjes <rientjes@google.com>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Ying Han <yinghan@google.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

include/linux/oom.h		diff \| blob \| history
mm/ksm.c		diff \| blob \| history
mm/oom_kill.c		diff \| blob \| history
mm/swapfile.c		diff \| blob \| history