[PATCH 2.6.0-test2] security fixes
From: ffrederick
Date: Mon Aug 25 2003 - 05:04:46 EST
Andrew,
Here's a patch against 2.6.0-test2 security :
Summary:
-Adding some doc to enough_memory proc
-Reordering checks (overcommit_memory is _rare_ case)
Could you apply ?
Regards,
Fabian
diff -Naur orig/security/capability.c edited/security/capability.c
--- orig/security/capability.c 2003-07-27 17:00:30.000000000 +0000
+++ edited/security/capability.c 2003-08-16 10:31:33.000000000 +0000
@@ -295,12 +295,7 @@
vm_acct_memory(pages);
- /*
- * Sometimes we want to use more memory than we have
- */
- if (sysctl_overcommit_memory == 1)
- return 0;
-
+ /* We estimate memory ourselves (major cases)*/
if (sysctl_overcommit_memory == 0) {
free = get_page_cache_size();
free += nr_free_pages();
@@ -322,10 +317,16 @@
if (free > pages)
return 0;
+
vm_unacct_memory(pages);
return -ENOMEM;
}
+ /* Kernel assumes allocation */
+ if (sysctl_overcommit_memory == 1)
+ return 0;
+
+ /* sysctl_overcommit_memory must be 2 which means strict_overcommit*/
allowed = totalram_pages * sysctl_overcommit_ratio / 100;
allowed += total_swap_pages;
___________________________________
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/