8 files changed, 10 insertions, 38 deletions

diff --git a/include/linux/security.h b/include/linux/security.h
index 8325eddd9ee4..2fefad6d27a0 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -1679,9 +1679,7 @@ int security_quotactl(int cmds, int type, int id, struct super_block *sb);
 int security_quota_on(struct dentry *dentry);
 int security_syslog(int type);
 int security_settime(const struct timespec *ts, const struct timezone *tz);
-int security_vm_enough_memory(long pages);
 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages);
-int security_vm_enough_memory_kern(long pages);
 int security_bprm_set_creds(struct linux_binprm *bprm);
 int security_bprm_check(struct linux_binprm *bprm);
 void security_bprm_committing_creds(struct linux_binprm *bprm);
@@ -1902,25 +1900,11 @@ static inline int security_settime(const struct timespec *ts,
         return cap_settime(ts, tz);
 }
 
-static inline int security_vm_enough_memory(long pages)
-{
-        WARN_ON(current->mm == NULL);
-        return cap_vm_enough_memory(current->mm, pages);
-}
-
 static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
 {
-        WARN_ON(mm == NULL);
         return cap_vm_enough_memory(mm, pages);
 }
 
-static inline int security_vm_enough_memory_kern(long pages)
-{
-        /* If current->mm is a kernel thread then we will pass NULL,
-           for this specific case that is fine */
-        return cap_vm_enough_memory(current->mm, pages);
-}
-
 static inline int security_bprm_set_creds(struct linux_binprm *bprm)
 {
         return cap_bprm_set_creds(bprm);
diff --git a/kernel/fork.c b/kernel/fork.c
index f0e7781ba9b4..d5ebddf317a9 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -355,7 +355,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
                 charge = 0;
                 if (mpnt->vm_flags & VM_ACCOUNT) {
                         unsigned int len = (mpnt->vm_end - mpnt->vm_start) >> PAGE_SHIFT;
-                        if (security_vm_enough_memory(len))
+                        if (security_vm_enough_memory_mm(oldmm, len)) /* sic */
                                 goto fail_nomem;
                         charge = len;
                 }
diff --git a/mm/mmap.c b/mm/mmap.c
index 3f758c7f4c81..db05495d6d0a 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1235,7 +1235,7 @@ munmap_back:
          */
         if (accountable_mapping(file, vm_flags)) {
                 charged = len >> PAGE_SHIFT;
-                if (security_vm_enough_memory(charged))
+                if (security_vm_enough_memory_mm(mm, charged))
                         return -ENOMEM;
                 vm_flags |= VM_ACCOUNT;
         }
@@ -2169,7 +2169,7 @@ unsigned long do_brk(unsigned long addr, unsigned long len)
         if (mm->map_count > sysctl_max_map_count)
                 return -ENOMEM;
 
-        if (security_vm_enough_memory(len >> PAGE_SHIFT))
+        if (security_vm_enough_memory_mm(mm, len >> PAGE_SHIFT))
                 return -ENOMEM;
 
         /* Can we just expand an old private anonymous mapping? */
diff --git a/mm/mprotect.c b/mm/mprotect.c
index 5a688a2756be..9599fa2d0e92 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -168,7 +168,7 @@ mprotect_fixup(struct vm_area_struct *vma, struct vm_area_struct **pprev,
                 if (!(oldflags & (VM_ACCOUNT|VM_WRITE|VM_HUGETLB|
                                                 VM_SHARED|VM_NORESERVE))) {
                         charged = nrpages;
-                        if (security_vm_enough_memory(charged))
+                        if (security_vm_enough_memory_mm(mm, charged))
                                 return -ENOMEM;
                         newflags |= VM_ACCOUNT;
                 }
diff --git a/mm/mremap.c b/mm/mremap.c
index 87bb8393e7d2..db8d983b5a7d 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -329,7 +329,7 @@ static struct vm_area_struct *vma_to_resize(unsigned long addr,
 
         if (vma->vm_flags & VM_ACCOUNT) {
                 unsigned long charged = (new_len - old_len) >> PAGE_SHIFT;
-                if (security_vm_enough_memory(charged))
+                if (security_vm_enough_memory_mm(mm, charged))
                         goto Efault;
                 *p = charged;
         }
diff --git a/mm/shmem.c b/mm/shmem.c
index 269d049294ab..d9c293952755 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -127,7 +127,7 @@ static inline struct shmem_sb_info *SHMEM_SB(struct super_block *sb)
 static inline int shmem_acct_size(unsigned long flags, loff_t size)
 {
         return (flags & VM_NORESERVE) ?
-                0 : security_vm_enough_memory_kern(VM_ACCT(size));
+                0 : security_vm_enough_memory_mm(current->mm, VM_ACCT(size));
 }
 
 static inline void shmem_unacct_size(unsigned long flags, loff_t size)
@@ -145,7 +145,7 @@ static inline void shmem_unacct_size(unsigned long flags, loff_t size)
 static inline int shmem_acct_block(unsigned long flags)
 {
         return (flags & VM_NORESERVE) ?
-                security_vm_enough_memory_kern(VM_ACCT(PAGE_CACHE_SIZE)) : 0;
+                security_vm_enough_memory_mm(current->mm, VM_ACCT(PAGE_CACHE_SIZE)) : 0;
 }
 
 static inline void shmem_unacct_blocks(unsigned long flags, long pages)
diff --git a/mm/swapfile.c b/mm/swapfile.c
index d999f090dfda..f0d79296dd55 100644
--- a/mm/swapfile.c
+++ b/mm/swapfile.c
@@ -1563,6 +1563,8 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
         if (!capable(CAP_SYS_ADMIN))
                 return -EPERM;
 
+        BUG_ON(!current->mm);
+
         pathname = getname(specialfile);
         err = PTR_ERR(pathname);
         if (IS_ERR(pathname))
@@ -1590,7 +1592,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
                 spin_unlock(&swap_lock);
                 goto out_dput;
         }
-        if (!security_vm_enough_memory(p->pages))
+        if (!security_vm_enough_memory_mm(current->mm, p->pages))
                 vm_unacct_memory(p->pages);
         else {
                 err = -ENOMEM;
diff --git a/security/security.c b/security/security.c
index 7d9426bb7442..44177add4713 100644
--- a/security/security.c
+++ b/security/security.c
@@ -187,25 +187,11 @@ int security_settime(const struct timespec *ts, const struct timezone *tz)
         return security_ops->settime(ts, tz);
 }
 
-int security_vm_enough_memory(long pages)
-{
-        WARN_ON(current->mm == NULL);
-        return security_ops->vm_enough_memory(current->mm, pages);
-}
-
 int security_vm_enough_memory_mm(struct mm_struct *mm, long pages)
 {
-        WARN_ON(mm == NULL);
         return security_ops->vm_enough_memory(mm, pages);
 }
 
-int security_vm_enough_memory_kern(long pages)
-{
-        /* If current->mm is a kernel thread then we will pass NULL,
-           for this specific case that is fine */
-        return security_ops->vm_enough_memory(current->mm, pages);
-}
-
 int security_bprm_set_creds(struct linux_binprm *bprm)
 {
         return security_ops->bprm_set_creds(bprm);