sysdeps: Only open oom_score_adj read/write if we need to write it

If we're running in a sandbox, we might not have write access to oom_score_adj. In the common case where we don't have any special protection from the OOM-killer, we can detect that with only read access, and skip the part where we open it for writing. (We would also not have write access to oom_score_adj if we're running with elevated Linux capabilities while not root, but that should never actually happen for dbus-daemon-launch-helper, which is setuid root for production use or has no capabilities during unit-testing.) Signed-off-by: Simon McVittie <smcv@collabora.com> (cherry picked from commit a8006841ce) Backported-from: dbus!291
2026-05-04 16:28:04 +02:00 · 2022-04-01 18:56:26 +01:00 · 2022-04-01 18:56:26 +01:00 · a54da99a06
commit a54da99a06
parent aacd468108
1 changed files with 23 additions and 3 deletions
--- a/dbus/dbus-sysdeps-util-unix.c
+++ b/dbus/dbus-sysdeps-util-unix.c
@ -1627,12 +1627,12 @@ _dbus_reset_oom_score_adj (const char **error_str_p)
  const char *error_str = NULL;

 #ifdef O_CLOEXEC
-  fd = open ("/proc/self/oom_score_adj", O_RDWR | O_CLOEXEC);
+  fd = open ("/proc/self/oom_score_adj", O_RDONLY | O_CLOEXEC);
 #endif

  if (fd < 0)
    {
-      fd = open ("/proc/self/oom_score_adj", O_RDWR);
+      fd = open ("/proc/self/oom_score_adj", O_RDONLY);
      if (fd >= 0)
        _dbus_fd_set_close_on_exec (fd);
    }
@ -1680,6 +1680,26 @@ _dbus_reset_oom_score_adj (const char **error_str_p)
          goto out;
        }

+      close (fd);
+#ifdef O_CLOEXEC
+      fd = open ("/proc/self/oom_score_adj", O_WRONLY | O_CLOEXEC);
+
+      if (fd < 0)
+#endif
+        {
+          fd = open ("/proc/self/oom_score_adj", O_WRONLY);
+          if (fd >= 0)
+            _dbus_fd_set_close_on_exec (fd);
+        }
+
+      if (fd < 0)
+        {
+          ret = FALSE;
+          error_str = "open(/proc/self/oom_score_adj) for writing";
+          saved_errno = errno;
+          goto out;
+        }
+
      if (pwrite (fd, "0", sizeof (char), 0) < 0)
        {
          ret = FALSE;
@ -1700,7 +1720,7 @@ _dbus_reset_oom_score_adj (const char **error_str_p)
  else
    {
      ret = FALSE;
-      error_str = "open(/proc/self/oom_score_adj)";
+      error_str = "open(/proc/self/oom_score_adj) for reading";
      saved_errno = errno;
      goto out;
    }