git.ipfire.org Git - thirdparty/systemd.git/commit

author	Nick Rosbrook <nick.rosbrook@canonical.com>
	Tue, 19 Jul 2022 15:49:06 +0000 (11:49 -0400)
committer	Nick Rosbrook <nick.rosbrook@canonical.com>
	Fri, 26 Aug 2022 16:40:58 +0000 (12:40 -0400)
commit	652a4efb66a845f6c5d48429aa4df0194a602aaa
tree	db9893ce061891b85552d27977abdab61fcae47c	tree \| snapshot
parent	b1cd8ed42094f64a201c225be8d2c648f9067444	commit \| diff

oomd: loosen the restriction on ManagedOOMPreference

The ManagedOOMPreference property is only honored on cgroups which are
owned by root. This precludes anyone from setting ManagedOOMPreference
on cgroups managed by user managers.

Loosen this restriction in the following way: when processing a
monitored cgroup for kill candidates, honor the ManagedOOMPreference
setting if the monitored cgroup and cgroup candidate are owned by the
same user. This allows unprivileged users to configure
ManagedOOMPreference on their cgroups without affecting the kill
priority of ancestor cgroups.

N.B. that since swap kill operates globally to kill the largest
candidate, it is not appropriate to apply this logic to the swap kill
scenario. Therefore, the existing restriction on ManagedOOMPreference
will remain when calculating candidates for swap kill.

Add a new function, oomd_fetch_cgroup_oom_preference, to assist with
this new logic. To simplify things, move the `user.oomd_{avoid,omit}`
xattr reads to this function so that the xattr reads and uid checks are
performed all at once.

src/oom/oomd-util.c		diff \| blob \| blame \| history
src/oom/oomd-util.h		diff \| blob \| blame \| history