1 files changed, 10 insertions, 10 deletions

diff --git a/kernel/sys.c b/kernel/sys.c
index 6af9212ab5aa..78947de6f969 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1853,11 +1853,13 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
                 user_auxv[AT_VECTOR_SIZE - 1] = AT_NULL;
         }
 
-        if (prctl_map.exe_fd != (u32)-1)
+        if (prctl_map.exe_fd != (u32)-1) {
                 error = prctl_set_mm_exe_file(mm, prctl_map.exe_fd);
-        down_read(&mm->mmap_sem);
-        if (error)
-                goto out;
+                if (error)
+                        return error;
+        }
+
+        down_write(&mm->mmap_sem);
 
         /*
          * We don't validate if these members are pointing to
@@ -1894,10 +1896,8 @@ static int prctl_set_mm_map(int opt, const void __user *addr, unsigned long data
         if (prctl_map.auxv_size)
                 memcpy(mm->saved_auxv, user_auxv, sizeof(user_auxv));
 
-        error = 0;
-out:
-        up_read(&mm->mmap_sem);
-        return error;
+        up_write(&mm->mmap_sem);
+        return 0;
 }
 #endif /* CONFIG_CHECKPOINT_RESTORE */
 
@@ -1963,7 +1963,7 @@ static int prctl_set_mm(int opt, unsigned long addr,
 
         error = -EINVAL;
 
-        down_read(&mm->mmap_sem);
+        down_write(&mm->mmap_sem);
         vma = find_vma(mm, addr);
 
         prctl_map.start_code    = mm->start_code;
@@ -2056,7 +2056,7 @@ static int prctl_set_mm(int opt, unsigned long addr,
 
         error = 0;
 out:
-        up_read(&mm->mmap_sem);
+        up_write(&mm->mmap_sem);
         return error;
 }