aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@tv-sign.ru>2006-10-30 01:46:43 -0500
committerLinus Torvalds <torvalds@g5.osdl.org>2006-10-30 15:08:41 -0500
commitf0ec1aaf54caddd21c259aea8b2ecfbde4ee4fb9 (patch)
tree61202a09a030d659064df65e127b9be1c571c48c
parentd45e44d4be60ef508579001792f33753b5cb6d36 (diff)
[PATCH] xacct_add_tsk: fix pure theoretical ->mm use-after-free
Paranoid fix. The task can free its ->mm after the 'if (p->mm)' check. Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: Shailabh Nagar <nagar@watson.ibm.com> Cc: Balbir Singh <balbir@in.ibm.com> Cc: Jay Lan <jlan@sgi.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--kernel/tsacct.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/kernel/tsacct.c b/kernel/tsacct.c
index 65a5036a3d95..96f77013d3f0 100644
--- a/kernel/tsacct.c
+++ b/kernel/tsacct.c
@@ -80,13 +80,17 @@ void bacct_add_tsk(struct taskstats *stats, struct task_struct *tsk)
80 */ 80 */
81void xacct_add_tsk(struct taskstats *stats, struct task_struct *p) 81void xacct_add_tsk(struct taskstats *stats, struct task_struct *p)
82{ 82{
83 struct mm_struct *mm;
84
83 /* convert pages-jiffies to Mbyte-usec */ 85 /* convert pages-jiffies to Mbyte-usec */
84 stats->coremem = jiffies_to_usecs(p->acct_rss_mem1) * PAGE_SIZE / MB; 86 stats->coremem = jiffies_to_usecs(p->acct_rss_mem1) * PAGE_SIZE / MB;
85 stats->virtmem = jiffies_to_usecs(p->acct_vm_mem1) * PAGE_SIZE / MB; 87 stats->virtmem = jiffies_to_usecs(p->acct_vm_mem1) * PAGE_SIZE / MB;
86 if (p->mm) { 88 mm = get_task_mm(p);
89 if (mm) {
87 /* adjust to KB unit */ 90 /* adjust to KB unit */
88 stats->hiwater_rss = p->mm->hiwater_rss * PAGE_SIZE / KB; 91 stats->hiwater_rss = mm->hiwater_rss * PAGE_SIZE / KB;
89 stats->hiwater_vm = p->mm->hiwater_vm * PAGE_SIZE / KB; 92 stats->hiwater_vm = mm->hiwater_vm * PAGE_SIZE / KB;
93 mmput(mm);
90 } 94 }
91 stats->read_char = p->rchar; 95 stats->read_char = p->rchar;
92 stats->write_char = p->wchar; 96 stats->write_char = p->wchar;