[Devel] [PATCH rh7] memcg: do not allow to disable oom from inside a container

[Vladimir Davydov]

It is possible to disable oom killer inside a memory cgroup by writing 1
to memory.oom_control. If a process inside such a cgroup hits the memory
limit and is unable to reclaim anything, it will wait until more memory
becomes available.

This operation shouldn't be allowed inside container, because (a)
disabling oom in a cgroup disables it in all its ascendants and (b) it
is impossible to stop a container if there is a process waiting for
memory instead of invoking oom killer (freezer will never be able to
freeze it).

Signed-off-by: Vladimir Davydov <vdavydov at parallels.com>
---
 mm/memcontrol.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 2b87dbc5c0cd..8747792d69b2 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -5913,6 +5913,9 @@ static int mem_cgroup_oom_control_write(struct cgroup *cgrp,
 	if (!cgrp->parent || !((val == 0) || (val == 1)))
 		return -EINVAL;
 
+	if (!ve_is_super(get_exec_env()) && val != 0)
+		return -EACCES;
+
 	memcg->oom_kill_disable = val;
 	if (!val)
 		memcg_oom_recover(memcg);
-- 
2.1.4