Commit f0ec1aaf authored by Oleg Nesterov's avatar Oleg Nesterov Committed by Linus Torvalds

[PATCH] xacct_add_tsk: fix pure theoretical ->mm use-after-free

Paranoid fix. The task can free its ->mm after the 'if (p->mm)' check.
Signed-off-by: default avatarOleg Nesterov <oleg@tv-sign.ru>
Cc: Shailabh Nagar <nagar@watson.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: Jay Lan <jlan@sgi.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent d45e44d4
...@@ -80,13 +80,17 @@ void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk) ...@@ -80,13 +80,17 @@ void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk)
*/ */
void xacct_add_tsk(struct taskstats *stats, struct task_struct *p) void xacct_add_tsk(struct taskstats *stats, struct task_struct *p)
{ {
struct mm_struct *mm;
/* convert pages-jiffies to Mbyte-usec */ /* convert pages-jiffies to Mbyte-usec */
stats->coremem = jiffies_to_usecs(p->acct_rss_mem1) * PAGE_SIZE / MB; stats->coremem = jiffies_to_usecs(p->acct_rss_mem1) * PAGE_SIZE / MB;
stats->virtmem = jiffies_to_usecs(p->acct_vm_mem1) * PAGE_SIZE / MB; stats->virtmem = jiffies_to_usecs(p->acct_vm_mem1) * PAGE_SIZE / MB;
if (p->mm) { mm = get_task_mm(p);
if (mm) {
/* adjust to KB unit */ /* adjust to KB unit */
stats->hiwater_rss = p->mm->hiwater_rss * PAGE_SIZE / KB; stats->hiwater_rss = mm->hiwater_rss * PAGE_SIZE / KB;
stats->hiwater_vm = p->mm->hiwater_vm * PAGE_SIZE / KB; stats->hiwater_vm = mm->hiwater_vm * PAGE_SIZE / KB;
mmput(mm);
} }
stats->read_char = p->rchar; stats->read_char = p->rchar;
stats->write_char = p->wchar; stats->write_char = p->wchar;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment