]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f295cfa) | patch
oomd: check if a cgroup can be killed before attempting to kill it
authorMatteo Croce <teknoraver@meta.com>
Mon, 17 Nov 2025 16:30:34 +0000 (17:30 +0100)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 21 Nov 2025 08:15:37 +0000 (09:15 +0100)
commit38e9d40c8097363b1e8fa025ef06865dadb0a3ac
treea29a30d4591f14556bd97c4a03035ee4c42aee72tree | snapshot
parentf295cfa1a758147226308f802c19a12fd1a95715commit | diff
oomd: check if a cgroup can be killed before attempting to kill it

On OOM event, oomd tries to kill a cgroup until it succeedes.
The kill can fail with EPERM in case a pid is not killed, this leaves
the cgroup with only half of the processed killed.
This is unlikely but theoretically possible in a user namespace,
where systemd run as root inside the container and tries to kill a
cgroup with some PID from the host namespace.

To address this, send the SIG0 signal to all the processes to check
that we have privileges to kill them.
src/oom/oomd-util.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.