Re: [PATCH] mm: mmap: Check all failures before set values

From: Michal Hocko
Date: Mon Aug 24 2015 - 07:32:41 EST


On Mon 24-08-15 00:59:39, gang.chen.5i5j@xxxxxx wrote:
> From: Chen Gang <gang.chen.5i5j@xxxxxxxxx>
>
> When a failure occurs and the function returns, vma->vm_pgoff is already
> set, which is not a good idea.

Why? The vma is not inserted anywhere and the failure path is supposed
to simply free the vma.

> Signed-off-by: Chen Gang <gang.chen.5i5j@xxxxxxxxx>
> ---
> mm/mmap.c | 13 +++++++------
> 1 file changed, 7 insertions(+), 6 deletions(-)
>
> diff --git a/mm/mmap.c b/mm/mmap.c
> index 8e0366e..b5a6f09 100644
> --- a/mm/mmap.c
> +++ b/mm/mmap.c
> @@ -2878,6 +2878,13 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma)
> struct vm_area_struct *prev;
> struct rb_node **rb_link, *rb_parent;
>
> + if (find_vma_links(mm, vma->vm_start, vma->vm_end,
> + &prev, &rb_link, &rb_parent))
> + return -ENOMEM;
> + if ((vma->vm_flags & VM_ACCOUNT) &&
> + security_vm_enough_memory_mm(mm, vma_pages(vma)))
> + return -ENOMEM;
> +
> /*
> * The vm_pgoff of a purely anonymous vma should be irrelevant
> * until its first write fault, when page's anon_vma and index
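
Review bot: the two checks added at the top of insert_vm_struct() carry no comment saying why they must run before the vm_pgoff assignment, so a later cleanup could move them back without noticing. If the ordering is intentional, add a one-line comment above the find_vma_links() call stating that all failure returns happen before the vma is modified. Note also that the visible checks only read vma->vm_start, vma->vm_end, vma->vm_flags and vma_pages(vma), so the success path is unchanged by the move; the changelog should say so.
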
> @@ -2894,12 +2901,6 @@ int insert_vm_struct(struct mm_struct *mm, struct vm_area_struct *vma)
> BUG_ON(vma->anon_vma);
> vma->vm_pgoff = vma->vm_start >> PAGE_SHIFT;
> }
> - if (find_vma_links(mm, vma->vm_start, vma->vm_end,
> - &prev, &rb_link, &rb_parent))
> - return -ENOMEM;
> - if ((vma->vm_flags & VM_ACCOUNT) &&
> - security_vm_enough_memory_mm(mm, vma_pages(vma)))
> - return -ENOMEM;
>
> vma_link(mm, vma, prev, rb_link, rb_parent);
> return 0;
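
Review bot: the removed checks both returned -ENOMEM before vma_link(), and vma_link() is the only visible point where the vma becomes reachable from the mm, so in the old order a failed call already left the vma unlinked. The changelog needs to name the caller that reads vma->vm_pgoff after a failed insert_vm_struct(), or else describe this as a readability cleanup rather than a fix. As posted, "not a good idea" gives a maintainer nothing to verify against the callers' error paths.
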
> --
> 1.9.3

--
Michal Hocko
SUSE Labs