[natty/ti-omap4 CVE 1/1] oom: use pte pages in OOM score

Tim Gardner rtg.canonical at gmail.com
Mon Feb 6 12:55:01 UTC 2012


On 02/06/2012 05:43 AM, Herton Ronaldo Krzesinski wrote:
> On Mon, Feb 06, 2012 at 09:37:14AM +0000, Andy Whitcroft wrote:
>> From: KOSAKI Motohiro<kosaki.motohiro at jp.fujitsu.com>
>>
>> PTE pages eat up memory just like anything else, but we do not account for
>> them in any way in the OOM scores.  They are also _guaranteed_ to get
>> freed up when a process is OOM killed, while RSS is not.
>>
>> Reported-by: Dave Hansen<dave at linux.vnet.ibm.com>
>> Signed-off-by: KOSAKI Motohiro<kosaki.motohiro at jp.fujitsu.com>
>> Cc: Hugh Dickins<hughd at google.com>
>> Cc: KAMEZAWA Hiroyuki<kamezawa.hiroyu at jp.fujitsu.com>
>> Cc: Oleg Nesterov<oleg at redhat.com>
>> Acked-by: David Rientjes<rientjes at google.com>
>> Cc:<stable at kernel.org>		[2.6.36+]
>> Signed-off-by: Andrew Morton<akpm at linux-foundation.org>
>> Signed-off-by: Linus Torvalds<torvalds at linux-foundation.org>
>>
>> (cherry picked from commit f755a042d82b51b54f3bdd0890e5ea56c0fb6807)
>> CVE-2011-2498
>> BugLink: http://bugs.launchpad.net/bugs/922374
>> Signed-off-by: Andy Whitcroft<apw at canonical.com>
>> ---
>>   mm/oom_kill.c |    9 ++++++---
>>   1 files changed, 6 insertions(+), 3 deletions(-)
>>
>> diff --git a/mm/oom_kill.c b/mm/oom_kill.c
>> index ea16f72..49ea0cc 100644
>> --- a/mm/oom_kill.c
>> +++ b/mm/oom_kill.c
>> @@ -172,10 +172,13 @@ unsigned int oom_badness(struct task_struct *p, struct mem_cgroup *mem,
>>
>>   	/*
>>   	 * The baseline for the badness score is the proportion of RAM that each
>> -	 * task's rss and swap space use.
>> +	 * task's rss, pagetable and swap space use.
>>   	 */
>> -	points = (get_mm_rss(p->mm) + get_mm_counter(p->mm, MM_SWAPENTS)) * 1000 /
>> -			totalpages;
>> +	points = get_mm_rss(p->mm) + p->mm->nr_ptes;
>> +	points += get_mm_counter(p->mm, MM_SWAPENTS);
>> +
>> +	points *= 1000;
>> +	points /= totalpages;
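Review bot: splitting the computation at `points *= 1000;` means the sum of rss, `nr_ptes` and swap entries, and then its product with 1000, are stored in `points` before the division, so the intermediate takes the width of `points` instead of the width of the expression's operands as in the removed one-line form. The declaration of `points` is outside this hunk and the hunk header shows the function returning `unsigned int`; if `points` is narrower than the page counters being added, the intermediate can be truncated or overflow on 64-bit before `points /= totalpages` runs. Suggest checking that `points` is declared at least as wide as the counters (or doing the arithmetic in a wide temporary) and narrowing only at the return.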
>
> This split up of the computation introduced a bug in 64 bit arches, which
> is fixed by commit ff05b6f. Arm should be unaffected, but natty has this
> broken at least with x86_64; oneiric already got the fix through stable.
>


Good catch. Applied ff05b6f to natty/master-next.

rtg
-- 
Tim Gardner tim.gardner at canonical.com



