Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik;

closes: #480020).
author: Colin Watson <cjwatson@debian.org> 2008-05-25 22:32:48 +0000
committer: Colin Watson <cjwatson@debian.org> 2008-05-25 22:32:48 +0000
commit: 1c35a89108e4c8a0913a408f0885d53c4899351a (patch)
tree: 790d2867539c5952fb0c7615cb1188369a6ef599 /sshd.c
parent: 8f03e38340e0da0aa566551a71770f0fbc4a8e8d (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/sshd.c b/sshd.c
index 2d428967c..1d2769a56 100644
--- a/sshd.c
+++ b/sshd.c
@@ -251,6 +251,11 @@ Buffer loginmsg;
 /* Unprivileged user */
 struct passwd *privsep_pw = NULL;
+#ifdef OOM_ADJUST
+/* Linux out-of-memory killer adjustment */
+static char oom_adj_save[8];
+#endif
 /* Prototypes for various functions defined later in this file. */
 void destroy_sensitive_data(void);
 void demote_sensitive_data(void);
@@ -905,6 +910,31 @@ recv_rexec_state(int fd, Buffer *conf)
        debug3("%s: done", __func__);
 }
+#ifdef OOM_ADJUST
+/*
+ * If requested in the environment, tell the Linux kernel's out-of-memory
+ * killer to avoid sshd. The old state will be restored when forking child
+ * processes.
+ */
+static void
+oom_adjust_startup(void)
+{
+        const char *oom_adj = getenv("SSHD_OOM_ADJUST");
+        if (!oom_adj)
+                return;
+        oom_adj_get(oom_adj_save, sizeof(oom_adj_save));
+        oom_adj_set(oom_adj);
+}
+static void
+oom_restore(void)
+{
+        if (oom_adj_save[0])
+                oom_adj_set(oom_adj_save);
+}
+#endif
 /* Accept a connection from inetd */
 static void
 server_accept_inetd(int *sock_in, int *sock_out)
@@ -1624,6 +1654,11 @@ main(int ac, char **av)
        /* ignore SIGPIPE */
        signal(SIGPIPE, SIG_IGN);
+#ifdef OOM_ADJUST
+        /* Adjust out-of-memory killer */
+        oom_adjust_startup();
+#endif
        /* Get a connection, either from inetd or a listening TCP socket */
        if (inetd_flag) {
                server_accept_inetd(&sock_in, &sock_out);
@@ -1666,6 +1701,10 @@ main(int ac, char **av)
        /* This is the child processing a new connection. */
        setproctitle("%s", "[accepted]");
+#ifdef OOM_ADJUST
+        oom_restore();
+#endif
        /*
         * Create a new session and process group since the 4.4BSD
         * setlogin() affects the entire process group.  We don't
author	Colin Watson <cjwatson@debian.org>	2008-05-25 22:32:48 +0000
committer	Colin Watson <cjwatson@debian.org>	2008-05-25 22:32:48 +0000
commit	1c35a89108e4c8a0913a408f0885d53c4899351a (patch)
tree	790d2867539c5952fb0c7615cb1188369a6ef599 /sshd.c
parent	8f03e38340e0da0aa566551a71770f0fbc4a8e8d (diff)

diff --git a/sshd.c b/sshd.c index 2d428967c..1d2769a56 100644 --- a/sshd.c +++ b/sshd.c
@@ -251,6 +251,11 @@ Buffer loginmsg;
251	/* Unprivileged user */	251	/* Unprivileged user */
252	struct passwd *privsep_pw = NULL;	252	struct passwd *privsep_pw = NULL;
253		253
		254	#ifdef OOM_ADJUST
		255	/* Linux out-of-memory killer adjustment */
		256	static char oom_adj_save[8];
		257	#endif
		258
254	/* Prototypes for various functions defined later in this file. */	259	/* Prototypes for various functions defined later in this file. */
255	void destroy_sensitive_data(void);	260	void destroy_sensitive_data(void);
256	void demote_sensitive_data(void);	261	void demote_sensitive_data(void);
@@ -905,6 +910,31 @@ recv_rexec_state(int fd, Buffer *conf)
905	debug3("%s: done", __func__);	910	debug3("%s: done", __func__);
906	}	911	}
907		912
		913	#ifdef OOM_ADJUST
		914	/*
		915	* If requested in the environment, tell the Linux kernel's out-of-memory
		916	* killer to avoid sshd. The old state will be restored when forking child
		917	* processes.
		918	*/
		919	static void
		920	oom_adjust_startup(void)
		921	{
		922	const char *oom_adj = getenv("SSHD_OOM_ADJUST");
		923
		924	if (!oom_adj)
		925	return;
		926	oom_adj_get(oom_adj_save, sizeof(oom_adj_save));
		927	oom_adj_set(oom_adj);
		928	}
		929
		930	static void
		931	oom_restore(void)
		932	{
		933	if (oom_adj_save[0])
		934	oom_adj_set(oom_adj_save);
		935	}
		936	#endif
		937
908	/* Accept a connection from inetd */	938	/* Accept a connection from inetd */
909	static void	939	static void
910	server_accept_inetd(int sock_in, int sock_out)	940	server_accept_inetd(int sock_in, int sock_out)
@@ -1624,6 +1654,11 @@ main(int ac, char **av)
1624	/* ignore SIGPIPE */	1654	/* ignore SIGPIPE */
1625	signal(SIGPIPE, SIG_IGN);	1655	signal(SIGPIPE, SIG_IGN);
1626		1656
		1657	#ifdef OOM_ADJUST
		1658	/* Adjust out-of-memory killer */
		1659	oom_adjust_startup();
		1660	#endif
		1661
1627	/* Get a connection, either from inetd or a listening TCP socket */	1662	/* Get a connection, either from inetd or a listening TCP socket */
1628	if (inetd_flag) {	1663	if (inetd_flag) {
1629	server_accept_inetd(&sock_in, &sock_out);	1664	server_accept_inetd(&sock_in, &sock_out);
@@ -1666,6 +1701,10 @@ main(int ac, char **av)
1666	/* This is the child processing a new connection. */	1701	/* This is the child processing a new connection. */
1667	setproctitle("%s", "[accepted]");	1702	setproctitle("%s", "[accepted]");
1668		1703
		1704	#ifdef OOM_ADJUST
		1705	oom_restore();
		1706	#endif
		1707
1669	/*	1708	/*
1670	* Create a new session and process group since the 4.4BSD	1709	* Create a new session and process group since the 4.4BSD
1671	* setlogin() affects the entire process group. We don't	1710	* setlogin() affects the entire process group. We don't