[PATCH] rmap: validate pointer in anon_vma_clone

From: Leon Ma
Date: Tue May 06 2014 - 22:36:19 EST


If memory allocation failed in first loop, root will be NULL and
will lead to kernel panic.

Signed-off-by: Leon Ma <xindong.ma@xxxxxxxxx>
---
mm/rmap.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/mm/rmap.c b/mm/rmap.c
index 9c3e773..6e53aed 100644
--- a/mm/rmap.c
+++ b/mm/rmap.c
@@ -246,8 +246,10 @@ int anon_vma_clone(struct vm_area_struct *dst, struct vm_area_struct *src)

avc = anon_vma_chain_alloc(GFP_NOWAIT | __GFP_NOWARN);
if (unlikely(!avc)) {
- unlock_anon_vma_root(root);
- root = NULL;
+ if (!root) {
+ unlock_anon_vma_root(root);
+ root = NULL;
+ }
avc = anon_vma_chain_alloc(GFP_KERNEL);
if (!avc)
goto enomem_failure;
--
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/