Re: [PATCH] NOMMU: Don't pass NULL pointers to fput() in do_mmap_pgoff()

From: Andrew Morton
Date: Fri Oct 30 2009 - 17:23:35 EST


On Fri, 30 Oct 2009 13:13:26 +0000
David Howells <dhowells@xxxxxxxxxx> wrote:

> Don't pass NULL pointers to fput() in the error handling paths of the NOMMU
> do_mmap_pgoff() as it can't handle it.
>
> The following can be used as a test program:
>
> int main(void) { static long long a[1024 * 1024 * 20] = { 0 }; return a[0]; }
>
> Without the patch, the code oopses in atomic_long_dec_and_test() as called by
> fput() after the kernel complains that it can't allocate that big a chunk of
> memory. With the patch, the kernel just complains about the allocation size
> and then the program segfaults during execve() as execve() can't complete the
> allocation of all the new ELF program segments.
>
> Reported-by: Robin Getz <rgetz@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
> Acked-by: Robin Getz <rgetz@xxxxxxxxxxxxxxxxxxxx>
> ---
>
> mm/nommu.c | 6 ++++--
> 1 files changed, 4 insertions(+), 2 deletions(-)
>
>
> diff --git a/mm/nommu.c b/mm/nommu.c
> index cfea46c..969392c 100644
> --- a/mm/nommu.c
> +++ b/mm/nommu.c
> @@ -1364,9 +1364,11 @@ share:
> error_just_free:
> up_write(&nommu_region_sem);
> error:
> - fput(region->vm_file);
> + if (region->vm_file)
> + fput(region->vm_file);
> kmem_cache_free(vm_region_jar, region);
> - fput(vma->vm_file);
> + if (vma->vm_file)
> + fput(vma->vm_file);
> if (vma->vm_flags & VM_EXECUTABLE)
> removed_exe_file_vma(vma->vm_mm);
> kmem_cache_free(vm_area_cachep, vma);
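Review bot: the two NULL checks are the right fix for an `error:` label that is reached before the file references are taken, but the changelog should name which failure in do_mmap_pgoff() jumps there with `region->vm_file` and `vma->vm_file` still NULL (the oversized allocation described in the description), and it should carry a `Cc: stable@kernel.org` tag, which also settles the question of how far back the fix needs to go. One more item in the same hunk: `removed_exe_file_vma(vma->vm_mm)` remains gated only on `vma->vm_flags & VM_EXECUTABLE`; that is correct provided the flag is set in the same step that takes the exe-file reference, which is worth confirming because it is the same "cleanup runs for a resource that was never acquired" pattern this patch fixes for the fput() calls.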

Seems like a pretty obvious -stable candidate, but no stable tag in the
changelog?

Assuming this is needed in -stable, do we know how far back in time the
bug exists?
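The failure mode the patch fixes is a shared error label that releases references which may not have been taken yet. The following userspace model, added here as an illustration and not part of the patch or the kernel, mirrors that unwinding with a constructed refcounted object: `model_get_file`, `model_fput`, `model_do_mmap` and the `fail_point` enum are hypothetical stand-ins for the kernel helpers, and `model_fput` counts NULL arguments instead of oopsing so the two cleanup variants can be compared.

```c
#include <stddef.h>
#include <stdlib.h>

/* Constructed model of a refcounted file object; not the kernel's struct file. */
struct file { int refcount; };

/* Hypothetical stand-in for get_file(): take one reference. */
static struct file *model_get_file(struct file *f) { f->refcount++; return f; }

/* The kernel's fput() dereferences its argument unconditionally, so a NULL
 * pointer oopses in the refcount decrement. This model counts such calls
 * instead of crashing so they can be observed. */
static int null_fput_count;
static void model_fput(struct file *f)
{
    if (f == NULL) { null_fput_count++; return; }
    f->refcount--;
}

struct vm_region { struct file *vm_file; };
struct vm_area_struct { struct file *vm_file; };

enum fail_point { FAIL_NONE, FAIL_BEFORE_GET_FILE, FAIL_AFTER_GET_FILE };

#define MODEL_ENOMEM 12

/* Simplified mirror of the do_mmap_pgoff() error unwinding. `guarded` selects
 * the patched cleanup (NULL check before each fput). Returns 0 on success or
 * -MODEL_ENOMEM on a simulated failure. The model tears the mapping down on
 * success as well, since it has no address space to keep it in. */
static int model_do_mmap(struct file *file, enum fail_point where, int guarded)
{
    struct vm_region *region = calloc(1, sizeof *region);
    struct vm_area_struct *vma = calloc(1, sizeof *vma);
    int ret = 0;

    if (!region || !vma) { free(region); free(vma); return -MODEL_ENOMEM; }

    /* A failure here (e.g. the region being too large to allocate) jumps to
     * the error label with both vm_file pointers still NULL. */
    if (where == FAIL_BEFORE_GET_FILE) { ret = -MODEL_ENOMEM; goto error; }

    /* File-backed mapping: both the region and the vma take a reference. */
    if (file) {
        region->vm_file = model_get_file(file);
        vma->vm_file = model_get_file(file);
    }

    /* A failure here is the case the old code handled correctly. */
    if (where == FAIL_AFTER_GET_FILE) ret = -MODEL_ENOMEM;

error:
    /* The unguarded form is the pre-patch code: fput() on a NULL vm_file. */
    if (!guarded || region->vm_file)
        model_fput(region->vm_file);
    free(region);
    if (!guarded || vma->vm_file)
        model_fput(vma->vm_file);
    free(vma);
    return ret;
}

/* Runs one scenario and returns how many NULL pointers reached fput(). */
static int null_fputs_for(enum fail_point where, int guarded)
{
    struct file f = { 1 };
    null_fput_count = 0;
    (void)model_do_mmap(&f, where, guarded);
    return null_fput_count;
}

/* Runs one scenario and returns the file's refcount afterwards; 1 means the
 * cleanup released exactly the references it took. */
static int refcount_after(enum fail_point where, int guarded)
{
    struct file f = { 1 };
    null_fput_count = 0;
    (void)model_do_mmap(&f, where, guarded);
    return f.refcount;
}
```

With the early failure, the unguarded cleanup hands two NULL pointers to fput() (the real kernel oopses on the first); the guarded cleanup hands it none. In the late-failure case both variants leave the refcount balanced, which is why the bug only surfaces when the allocation fails before the file references are taken.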
