Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik;

closes: #480020).

8 files changed, 111 insertions, 14 deletions

diff --git a/config.h.in b/config.h.in
index 9577c0e5f..d2641866c 100644
--- a/config.h.in
+++ b/config.h.in
@@ -1163,6 +1163,9 @@
 /* Define if X11 doesn't support AF_UNIX sockets on that system */
 #undef NO_X11_UNIX_SOCKETS
 
+/* Adjust Linux out-of-memory killer */
+#undef OOM_ADJUST
+
 /* libcrypto is missing AES 192 and 256 bit functions */
 #undef OPENSSL_LOBOTOMISED_AES
 
diff --git a/configure b/configure
index 3e578307d..3d3d60262 100755
--- a/configure
+++ b/configure
@@ -7773,6 +7773,11 @@ cat >>confdefs.h <<\_ACEOF
 _ACEOF
 
         fi
+
+cat >>confdefs.h <<\_ACEOF
+#define OOM_ADJUST 1
+_ACEOF
+
         ;;
 mips-sony-bsd|mips-sony-newsos4)
 
diff --git a/configure.ac b/configure.ac
index 487a9d6ae..5a7f83bf9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -559,6 +559,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
                 AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
                     [Prepend the address family to IP tunnel traffic])
         fi
+        AC_DEFINE(OOM_ADJUST, 1, [Adjust Linux out-of-memory killer])
         ;;
 mips-sony-bsd|mips-sony-newsos4)
         AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty])
diff --git a/debian/changelog b/debian/changelog
index f0c715daf..99640e763 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -33,6 +33,8 @@ openssh (1:4.7p1-11) UNRELEASED; urgency=low
     glitches (thanks, Petter Reinholdtsen; closes: #481018).
   * Remove 0 and 6 from Default-Stop in init script (thanks, Kel Modderman;
     closes: #481151).
+  * Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik;
+    closes: #480020).
 
  -- Colin Watson <cjwatson@debian.org>  Sat, 17 May 2008 08:48:45 +0200
 
diff --git a/debian/openssh-server.init b/debian/openssh-server.init
index ddd1e292c..01f00dc0a 100644
--- a/debian/openssh-server.init
+++ b/debian/openssh-server.init
@@ -16,7 +16,7 @@ set -e
 test -x /usr/sbin/sshd || exit 0
 ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0
 
-SSHD_OOM_ADJUST=-17
+export SSHD_OOM_ADJUST=-17
 if test -f /etc/default/ssh; then
     . /etc/default/ssh
 fi
@@ -71,15 +71,6 @@ check_config() {
     fi
 }
 
-adjust_oom() {
-    if [ -e /var/run/sshd.pid ]; then
-        PID="$(head -n1 /var/run/sshd.pid)"
-        if [ -e "/proc/$PID/oom_adj" ]; then
-            printf '%s' "$SSHD_OOM_ADJUST" >"/proc/$PID/oom_adj" || true
-        fi
-    fi
-}
-
 export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
 
 case "$1" in
@@ -90,7 +81,6 @@ case "$1" in
         log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd"
         if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
             log_end_msg 0
-            adjust_oom
         else
             log_end_msg 1
         fi
@@ -124,7 +114,6 @@ case "$1" in
         check_dev_null log_end_msg
         if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
             log_end_msg 0
-            adjust_oom
         else
             log_end_msg 1
         fi
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c
index 485929133..a9aa773ef 100644
--- a/openbsd-compat/port-linux.c
+++ b/openbsd-compat/port-linux.c
@@ -18,7 +18,7 @@
  */
 
 /*
- * Linux-specific portability code - just SELinux support at present
+ * Linux-specific portability code
  */
 
 #include "includes.h"
@@ -27,11 +27,19 @@
 #include <stdarg.h>
 #include <string.h>
 
+#ifdef OOM_ADJUST
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
+#endif
+
+#include "log.h"
+
 #ifdef WITH_SELINUX
 #include "key.h"
 #include "hostfile.h"
 #include "auth.h"
-#include "log.h"
 #ifdef HAVE_GETSEUSERBYNAME
 #include "xmalloc.h"
 #endif
@@ -186,3 +194,47 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
         debug3("%s: done", __func__);
 }
 #endif /* WITH_SELINUX */
+
+#ifdef OOM_ADJUST
+/* Get the out-of-memory adjustment file for the current process */
+int
+oom_adj_open(void)
+{
+        int fd = open("/proc/self/oom_adj", O_RDWR);
+        if (fd < 0)
+                logit("error opening /proc/self/oom_adj: %s", strerror(errno));
+        return fd;
+}
+
+/* Get the current OOM adjustment */
+int
+oom_adj_get(char *buf, size_t maxlen)
+{
+        ssize_t n;
+        int fd = oom_adj_open();
+        if (fd < 0)
+                return -1;
+        n = read(fd, buf, maxlen);
+        if (n < 0)
+                logit("error reading /proc/self/oom_adj: %s", strerror(errno));
+        else
+                buf[n] = '\0';
+        close(fd);
+        return n < 0 ? -1 : 0;
+}
+
+/* Set the current OOM adjustment */
+int
+oom_adj_set(const char *buf)
+{
+        ssize_t n;
+        int fd = oom_adj_open();
+        if (fd < 0)
+                return -1;
+        n = write(fd, buf, strlen(buf));
+        if (n < 0)
+                logit("error writing /proc/self/oom_adj: %s", strerror(errno));
+        close(fd);
+        return n < 0 ? -1 : 0;
+}
+#endif
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h
index 05e520e1c..cb8a253c4 100644
--- a/openbsd-compat/port-linux.h
+++ b/openbsd-compat/port-linux.h
@@ -24,4 +24,10 @@ void ssh_selinux_setup_pty(char *, const char *);
 void ssh_selinux_setup_exec_context(char *);
 #endif
 
+#ifdef OOM_ADJUST
+int oom_adj_open(void);
+int oom_adj_get(char *buf, size_t maxlen);
+int oom_adj_set(const char *buf);
+#endif
+
 #endif /* ! _PORT_LINUX_H */
diff --git a/sshd.c b/sshd.c
index 2d428967c..1d2769a56 100644
--- a/sshd.c
+++ b/sshd.c
@@ -251,6 +251,11 @@ Buffer loginmsg;
 /* Unprivileged user */
 struct passwd *privsep_pw = NULL;
 
+#ifdef OOM_ADJUST
+/* Linux out-of-memory killer adjustment */
+static char oom_adj_save[8];
+#endif
+
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
 void demote_sensitive_data(void);
@@ -905,6 +910,31 @@ recv_rexec_state(int fd, Buffer *conf)
         debug3("%s: done", __func__);
 }
 
+#ifdef OOM_ADJUST
+/*
+ * If requested in the environment, tell the Linux kernel's out-of-memory
+ * killer to avoid sshd. The old state will be restored when forking child
+ * processes.
+ */
+static void
+oom_adjust_startup(void)
+{
+        const char *oom_adj = getenv("SSHD_OOM_ADJUST");
+
+        if (!oom_adj)
+                return;
+        oom_adj_get(oom_adj_save, sizeof(oom_adj_save));
+        oom_adj_set(oom_adj);
+}
+
+static void
+oom_restore(void)
+{
+        if (oom_adj_save[0])
+                oom_adj_set(oom_adj_save);
+}
+#endif
+
 /* Accept a connection from inetd */
 static void
 server_accept_inetd(int *sock_in, int *sock_out)
@@ -1624,6 +1654,11 @@ main(int ac, char **av)
         /* ignore SIGPIPE */
         signal(SIGPIPE, SIG_IGN);
 
+#ifdef OOM_ADJUST
+        /* Adjust out-of-memory killer */
+        oom_adjust_startup();
+#endif
+
         /* Get a connection, either from inetd or a listening TCP socket */
         if (inetd_flag) {
                 server_accept_inetd(&sock_in, &sock_out);
@@ -1666,6 +1701,10 @@ main(int ac, char **av)
         /* This is the child processing a new connection. */
         setproctitle("%s", "[accepted]");
 
+#ifdef OOM_ADJUST
+        oom_restore();
+#endif
+
         /*
          * Create a new session and process group since the 4.4BSD
          * setlogin() affects the entire process group.  We don't