AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-02-17 21:16:46 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity

The oomkiller calculations make decisions based on capabilities. Since

Browse Source 
these are not security decisions and LSMs should not record if they fall
the request they should use the new has_capability_noaudit() interface so
the denials will not be recorded.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Eric Paris 2008-11-11 22:02:54 +11:00 committed by James Morris
parent 06112163f5
commit a2f2945a99
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
mm/oom_kill.c
View File

@ -129,8 +129,8 @@ unsigned long badness(struct task_struct *p, unsigned long uptime)
* Superuser processes are usually more important, so we make it * Superuser processes are usually more important, so we make it
* less likely that we kill those. * less likely that we kill those.
*/ */
if (has_capability(p, CAP_SYS_ADMIN) || if (has_capability_noaudit(p, CAP_SYS_ADMIN) ||
has_capability(p, CAP_SYS_RESOURCE)) has_capability_noaudit(p, CAP_SYS_RESOURCE))
points /= 4; points /= 4;
/* /*
@ -139,7 +139,7 @@ unsigned long badness(struct task_struct *p, unsigned long uptime)
* tend to only have this flag set on applications they think * tend to only have this flag set on applications they think
* of as important. * of as important.
*/ */
if (has_capability(p, CAP_SYS_RAWIO)) if (has_capability_noaudit(p, CAP_SYS_RAWIO))
points /= 4; points /= 4;
/* /*