Doug / smarc-fsl-linux-kernel

Download as
Browse Code ยป

Commit f0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9

Authored by Oleg Nesterov
Committed by Linus Torvalds
1 parent d45e44d4be
Exists in master and in 7 other branches imx_3.0.35_4.1.0, imx_3.10.17_1.0.1_ga, imx_3.10.53_1.1.0_ga, imx_3.14.28_1.0.0_ga, smarc-imx_3.10.53_1.1.0_ga, smarc-imx_3.14.28_1.0.0_ga, smarc-l5.0.0_1.0.0-ga

[PATCH] xacct_add_tsk: fix pure theoretical ->mm use-after-free 

Paranoid fix. The task can free its ->mm after the 'if (p->mm)' check.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Shailabh Nagar <nagar@watson.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Jay Lan <jlan@sgi.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

Showing 1 changed file with 7 additions and 3 deletions Side-by-side Diff

... ... @@ -80,13 +80,17 @@
80 80 */
81 81 void xacct_add_tsk(struct taskstats *stats, struct task_struct *p)
82 82 {
  83 + struct mm_struct *mm;
  84 +
83 85 /* convert pages-jiffies to Mbyte-usec */
84 86 stats->coremem = jiffies_to_usecs(p->acct_rss_mem1) * PAGE_SIZE / MB;
85 87 stats->virtmem = jiffies_to_usecs(p->acct_vm_mem1) * PAGE_SIZE / MB;
86   - if (p->mm) {
  88 + mm = get_task_mm(p);
  89 + if (mm) {
87 90 /* adjust to KB unit */
88   - stats->hiwater_rss = p->mm->hiwater_rss * PAGE_SIZE / KB;
89   - stats->hiwater_vm = p->mm->hiwater_vm * PAGE_SIZE / KB;
  91 + stats->hiwater_rss = mm->hiwater_rss * PAGE_SIZE / KB;
  92 + stats->hiwater_vm = mm->hiwater_vm * PAGE_SIZE / KB;
  93 + mmput(mm);
90 94 }
91 95 stats->read_char = p->rchar;
92 96 stats->write_char = p->wchar;