[Pkg-xen-devel] Bug#961511: xen-utils-common: Protect xenstored/xenconsoled against OOM

Samuel Thibault sthibault at debian.org
Mon May 25 14:11:44 BST 2020 

Package: xen-utils-common
Version: 4.11.3+24-g14b62ab3e5-1
Severity: important

Hello,

In case memory in dom0 gets tight, the OOM killer tends to try to kill
xenstored and xenconsoled. From then on it's very difficult to control
the VMs running on the system... It'd be good to protect them from the
OOM since they are so precious.

I'm currently using a hack such as

        for i in $(pgrep xenconsoled) ; do
                echo -1000 > /proc/$i/oom_score_adj
        done

in /etc/init.d/xen, but there are cleaner ways to do this :)

Samuel

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.6.0-1-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages xen-utils-common depends on:
ii  libc6           2.30-8
ii  libxenstore3.0  4.11.3+24-g14b62ab3e5-1
ii  lsb-base        11.1.0
pn  python          <none>
ii  ucf             3.0038+nmu1
ii  udev            245.5-3
ii  xenstore-utils  4.11.3+24-g14b62ab3e5-1

xen-utils-common recommends no packages.

Versions of packages xen-utils-common suggests:
pn  xen-doc  <none>

-- Configuration Files:
/etc/xen/scripts/vif-common.sh changed [not included]
/etc/xen/scripts/vif-nat changed [not included]
/etc/xen/xl.conf changed [not included]

-- no debconf information

More information about the Pkg-xen-devel mailing list