[LTP] [PATCH v2 1/1] lib: Check permission for OOM protection

Petr Vorel pvorel@suse.cz
Wed Dec 22 11:20:22 CET 2021 

setting value < 0 in /proc/*/oom_score_adj requires CAP_SYS_RESOURCE or
CAP_SYS_ADMIN therefore check it in tst_{disable,enable}_oom_protection().

Use set_oom_score_adj() to run without this check.

Fixes: 8a0827766d ("lib: add functions to adjust oom score")

Signed-off-by: Petr Vorel <pvorel@suse.cz>
---
* changes v1->v2:
check CAP_SYS_RESOURCE and CAP_SYS_ADMIN instead of UID 0.

 include/tst_memutils.h | 11 ++++++++++-
 lib/tst_memutils.c     | 28 ++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/include/tst_memutils.h b/include/tst_memutils.h
index 68a6e37714..f2a41ed8ce 100644
--- a/include/tst_memutils.h
+++ b/include/tst_memutils.h
@@ -30,11 +30,15 @@ long long tst_available_mem(void);
  *   echo -1000 >/proc/$PID/oom_score_adj
  * If the pid is 0 which means it will set on current(self) process.
  *
+ * WARNING:
+ *  Do nothing unless CAP_SYS_RESOURCE or CAP_SYS_ADMIN, because setting value <
+ *  0 requires it. Use set_oom_score_adj() to run without this check.
+ *
  * Note:
  *  This exported tst_enable_oom_protection function can be used at anywhere
  *  you want to protect, but please remember that if you do enable protection
  *  on a process($PID) that all the children will inherit its score and be
- *  ignored by OOM Killer as well. So that's why tst_disable_oom_protection
+ *  ignored by OOM Killer as well. So that's why tst_disable_oom_protection()
  *  to be used in combination.
  */
 void tst_enable_oom_protection(pid_t pid);
@@ -42,6 +46,11 @@ void tst_enable_oom_protection(pid_t pid);
 /*
  * Disable the OOM protection for the process($PID).
  *   echo 0 >/proc/$PID/oom_score_adj
+ *
+ * WARNING:
+ *  Do nothing unless CAP_SYS_RESOURCE or CAP_SYS_ADMIN, because it's expected
+ *  to be cleanup after tst_enable_oom_protection(). Use set_oom_score_adj() to
+ *  run without this check.
  */
 void tst_disable_oom_protection(pid_t pid);
 
diff --git a/lib/tst_memutils.c b/lib/tst_memutils.c
index 4dea303307..e67f810116 100644
--- a/lib/tst_memutils.c
+++ b/lib/tst_memutils.c
@@ -8,9 +8,12 @@
 #include <limits.h>
 #include <sys/sysinfo.h>
 #include <stdlib.h>
+#include <stdbool.h>
 
 #define TST_NO_DEFAULT_MAIN
 #include "tst_test.h"
+#include "tst_capability.h"
+#include "lapi/syscalls.h"
 
 #define BLOCKSIZE (16 * 1024 * 1024)
 
@@ -124,12 +127,37 @@ static void set_oom_score_adj(pid_t pid, int value)
 	}
 }
 
+static bool check_caps(void)
+{
+	struct tst_cap_user_header hdr = {
+		.version = 0x20080522,
+		.pid = tst_syscall(__NR_gettid),
+	};
+
+	struct tst_cap_user_data caps[2];
+
+	if (tst_capget(&hdr, caps))
+		tst_brk(TBROK | TERRNO, "tst_capget()");
+
+	if (!(caps[0].effective & (1U << CAP_SYS_ADMIN)) ||
+	    !(caps[0].effective & (1U << CAP_SYS_RESOURCE)))
+		return false;
+
+	return true;
+}
+
 void tst_enable_oom_protection(pid_t pid)
 {
+	if (!check_caps())
+		return;
+
 	set_oom_score_adj(pid, -1000);
 }
 
 void tst_disable_oom_protection(pid_t pid)
 {
+	if (!check_caps())
+		return;
+
 	set_oom_score_adj(pid, 0);
 }
-- 
2.34.1

More information about the ltp mailing list