diff options
Diffstat (limited to 'debian/patches/oom-adjust.patch')
-rw-r--r-- | debian/patches/oom-adjust.patch | 219 |
1 files changed, 0 insertions, 219 deletions
diff --git a/debian/patches/oom-adjust.patch b/debian/patches/oom-adjust.patch deleted file mode 100644 index ce79053f7..000000000 --- a/debian/patches/oom-adjust.patch +++ /dev/null | |||
@@ -1,219 +0,0 @@ | |||
1 | Description: Disable the Linux kernel's OOM-killer for the sshd parent | ||
2 | Author: Vaclav Ovsik <vaclav.ovsik@i.cz> | ||
3 | Author: Colin Watson <cjwatson@debian.org> | ||
4 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1470 | ||
5 | Bug-Debian: http://bugs.debian.org/480020 | ||
6 | Last-Update: 2010-02-27 | ||
7 | |||
8 | Index: b/config.h.in | ||
9 | =================================================================== | ||
10 | --- a/config.h.in | ||
11 | +++ b/config.h.in | ||
12 | @@ -1238,6 +1238,9 @@ | ||
13 | /* Define if X11 doesn't support AF_UNIX sockets on that system */ | ||
14 | #undef NO_X11_UNIX_SOCKETS | ||
15 | |||
16 | +/* Adjust Linux out-of-memory killer */ | ||
17 | +#undef OOM_ADJUST | ||
18 | + | ||
19 | /* Define if EVP_DigestUpdate returns void */ | ||
20 | #undef OPENSSL_EVP_DIGESTUPDATE_VOID | ||
21 | |||
22 | Index: b/configure | ||
23 | =================================================================== | ||
24 | --- a/configure | ||
25 | +++ b/configure | ||
26 | @@ -8369,6 +8369,11 @@ | ||
27 | _ACEOF | ||
28 | |||
29 | fi | ||
30 | + | ||
31 | +cat >>confdefs.h <<\_ACEOF | ||
32 | +#define OOM_ADJUST 1 | ||
33 | +_ACEOF | ||
34 | + | ||
35 | ;; | ||
36 | mips-sony-bsd|mips-sony-newsos4) | ||
37 | |||
38 | Index: b/configure.ac | ||
39 | =================================================================== | ||
40 | --- a/configure.ac | ||
41 | +++ b/configure.ac | ||
42 | @@ -630,6 +630,7 @@ | ||
43 | AC_DEFINE(SSH_TUN_PREPEND_AF, 1, | ||
44 | [Prepend the address family to IP tunnel traffic]) | ||
45 | fi | ||
46 | + AC_DEFINE(OOM_ADJUST, 1, [Adjust Linux out-of-memory killer]) | ||
47 | ;; | ||
48 | mips-sony-bsd|mips-sony-newsos4) | ||
49 | AC_DEFINE(NEED_SETPGRP, 1, [Need setpgrp to acquire controlling tty]) | ||
50 | Index: b/openbsd-compat/port-linux.c | ||
51 | =================================================================== | ||
52 | --- a/openbsd-compat/port-linux.c | ||
53 | +++ b/openbsd-compat/port-linux.c | ||
54 | @@ -18,7 +18,7 @@ | ||
55 | */ | ||
56 | |||
57 | /* | ||
58 | - * Linux-specific portability code - just SELinux support at present | ||
59 | + * Linux-specific portability code | ||
60 | */ | ||
61 | |||
62 | #include "includes.h" | ||
63 | @@ -27,6 +27,15 @@ | ||
64 | #include <stdarg.h> | ||
65 | #include <string.h> | ||
66 | |||
67 | +#ifdef OOM_ADJUST | ||
68 | +#include <sys/types.h> | ||
69 | +#include <sys/stat.h> | ||
70 | +#include <fcntl.h> | ||
71 | +#include <unistd.h> | ||
72 | +#endif | ||
73 | + | ||
74 | +#include "log.h" | ||
75 | + | ||
76 | #ifdef WITH_SELINUX | ||
77 | #include "key.h" | ||
78 | #include "hostfile.h" | ||
79 | @@ -34,7 +43,6 @@ | ||
80 | #ifdef HAVE_GETSEUSERBYNAME | ||
81 | #include "xmalloc.h" | ||
82 | #endif | ||
83 | -#include "log.h" | ||
84 | #include "port-linux.h" | ||
85 | |||
86 | #include <selinux/selinux.h> | ||
87 | @@ -186,3 +194,47 @@ | ||
88 | debug3("%s: done", __func__); | ||
89 | } | ||
90 | #endif /* WITH_SELINUX */ | ||
91 | + | ||
92 | +#ifdef OOM_ADJUST | ||
93 | +/* Get the out-of-memory adjustment file for the current process */ | ||
94 | +static int | ||
95 | +oom_adj_open(int oflag) | ||
96 | +{ | ||
97 | + int fd = open("/proc/self/oom_adj", oflag); | ||
98 | + if (fd < 0) | ||
99 | + logit("error opening /proc/self/oom_adj: %s", strerror(errno)); | ||
100 | + return fd; | ||
101 | +} | ||
102 | + | ||
103 | +/* Get the current OOM adjustment */ | ||
104 | +int | ||
105 | +oom_adj_get(char *buf, size_t maxlen) | ||
106 | +{ | ||
107 | + ssize_t n; | ||
108 | + int fd = oom_adj_open(O_RDONLY); | ||
109 | + if (fd < 0) | ||
110 | + return -1; | ||
111 | + n = read(fd, buf, maxlen); | ||
112 | + if (n < 0) | ||
113 | + logit("error reading /proc/self/oom_adj: %s", strerror(errno)); | ||
114 | + else | ||
115 | + buf[n] = '\0'; | ||
116 | + close(fd); | ||
117 | + return n < 0 ? -1 : 0; | ||
118 | +} | ||
119 | + | ||
120 | +/* Set the current OOM adjustment */ | ||
121 | +int | ||
122 | +oom_adj_set(const char *buf) | ||
123 | +{ | ||
124 | + ssize_t n; | ||
125 | + int fd = oom_adj_open(O_WRONLY); | ||
126 | + if (fd < 0) | ||
127 | + return -1; | ||
128 | + n = write(fd, buf, strlen(buf)); | ||
129 | + if (n < 0) | ||
130 | + logit("error writing /proc/self/oom_adj: %s", strerror(errno)); | ||
131 | + close(fd); | ||
132 | + return n < 0 ? -1 : 0; | ||
133 | +} | ||
134 | +#endif | ||
135 | Index: b/openbsd-compat/port-linux.h | ||
136 | =================================================================== | ||
137 | --- a/openbsd-compat/port-linux.h | ||
138 | +++ b/openbsd-compat/port-linux.h | ||
139 | @@ -25,4 +25,9 @@ | ||
140 | void ssh_selinux_setup_exec_context(char *); | ||
141 | #endif | ||
142 | |||
143 | +#ifdef OOM_ADJUST | ||
144 | +int oom_adj_get(char *buf, size_t maxlen); | ||
145 | +int oom_adj_set(const char *buf); | ||
146 | +#endif | ||
147 | + | ||
148 | #endif /* ! _PORT_LINUX_H */ | ||
149 | Index: b/sshd.c | ||
150 | =================================================================== | ||
151 | --- a/sshd.c | ||
152 | +++ b/sshd.c | ||
153 | @@ -254,6 +254,11 @@ | ||
154 | /* Unprivileged user */ | ||
155 | struct passwd *privsep_pw = NULL; | ||
156 | |||
157 | +#ifdef OOM_ADJUST | ||
158 | +/* Linux out-of-memory killer adjustment */ | ||
159 | +static char oom_adj_save[8]; | ||
160 | +#endif | ||
161 | + | ||
162 | /* Prototypes for various functions defined later in this file. */ | ||
163 | void destroy_sensitive_data(void); | ||
164 | void demote_sensitive_data(void); | ||
165 | @@ -908,6 +913,31 @@ | ||
166 | debug3("%s: done", __func__); | ||
167 | } | ||
168 | |||
169 | +#ifdef OOM_ADJUST | ||
170 | +/* | ||
171 | + * If requested in the environment, tell the Linux kernel's out-of-memory | ||
172 | + * killer to avoid sshd. The old state will be restored when forking child | ||
173 | + * processes. | ||
174 | + */ | ||
175 | +static void | ||
176 | +oom_adjust_startup(void) | ||
177 | +{ | ||
178 | + const char *oom_adj = getenv("SSHD_OOM_ADJUST"); | ||
179 | + | ||
180 | + if (!oom_adj || !*oom_adj) | ||
181 | + return; | ||
182 | + oom_adj_get(oom_adj_save, sizeof(oom_adj_save)); | ||
183 | + oom_adj_set(oom_adj); | ||
184 | +} | ||
185 | + | ||
186 | +static void | ||
187 | +oom_restore(void) | ||
188 | +{ | ||
189 | + if (oom_adj_save[0]) | ||
190 | + oom_adj_set(oom_adj_save); | ||
191 | +} | ||
192 | +#endif | ||
193 | + | ||
194 | /* Accept a connection from inetd */ | ||
195 | static void | ||
196 | server_accept_inetd(int *sock_in, int *sock_out) | ||
197 | @@ -1670,6 +1700,11 @@ | ||
198 | /* ignore SIGPIPE */ | ||
199 | signal(SIGPIPE, SIG_IGN); | ||
200 | |||
201 | +#ifdef OOM_ADJUST | ||
202 | + /* Adjust out-of-memory killer */ | ||
203 | + oom_adjust_startup(); | ||
204 | +#endif | ||
205 | + | ||
206 | /* Get a connection, either from inetd or a listening TCP socket */ | ||
207 | if (inetd_flag) { | ||
208 | server_accept_inetd(&sock_in, &sock_out); | ||
209 | @@ -1708,6 +1743,10 @@ | ||
210 | /* This is the child processing a new connection. */ | ||
211 | setproctitle("%s", "[accepted]"); | ||
212 | |||
213 | +#ifdef OOM_ADJUST | ||
214 | + oom_restore(); | ||
215 | +#endif | ||
216 | + | ||
217 | /* | ||
218 | * Create a new session and process group since the 4.4BSD | ||
219 | * setlogin() affects the entire process group. We don't | ||