From ad27614b78f8d17d1aa61ec7a8b4c1e862996c40 Mon Sep 17 00:00:00 2001
From: Henrik Saari <henrik.saari@nokia.com>
Date: Thu, 11 Sep 2008 19:20:33 +0300
Subject: [PATCH] Security: Kernel OOM-killer and allocation denial use
 different rules

Security: Kernel OOM-killer and allocation denial use different rules

Original patch created by Leonid Moiseichuk <leonid.moiseichuk@nokia.com>

Fixes the issue with the oom killer and lowmem module being inconsistent;
processes that are important enough to be protected from the oom killer should
not be denied memory either.

Signed-off-by: Henrik Saari <henrik.saari@nokia.com>
Signed-off-by: Viktor Rosendahl <viktor.rosendahl@nokia.com>
Signed-off-by: Tony Lindgren <tony@atomide.com>
---
 security/lowmem.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/security/lowmem.c b/security/lowmem.c
index a627d511f8e..113be754470 100644
--- a/security/lowmem.c
+++ b/security/lowmem.c
@@ -9,6 +9,7 @@
 #include <linux/pagemap.h>
 #include <linux/hugetlb.h>
 #include <linux/sysfs.h>
+#include <linux/oom.h>
 
 #define MY_NAME "lowmem"
 
@@ -207,6 +208,10 @@ static int low_vm_enough_memory(long pages)
 		if (cap_sys_admin)
 			return 0;
 
+		/* OOM unkillable process is allowed to consume memory */
+		if (current->oomkilladj == OOM_DISABLE)
+			return 0;
+
 		/* uids from allowed_uids vector are also allowed no matter what */
 		for (i = 0; i < LOWMEM_MAX_UIDS && allowed_uids[i]; i++)
 			if (current->uid == allowed_uids[i])
-- 
2.41.3