* [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Dean Roe @ 2006-03-07 21:13 UTC
To: akpm; +Cc: linux-kernel, riel
grab_swap_token() assumes that the current process has an mm struct,
which is not true for kernel threads invoking get_user_pages(). Since
this should be extremely rare, just return from grab_swap_token()
without doing anything.
Signed-off-by: Dean Roe <roe@sgi.com>
Index: linux-2.6/mm/thrash.c
===================================================================
--- linux-2.6.orig/mm/thrash.c
+++ linux-2.6/mm/thrash.c
@@ -54,6 +54,9 @@
struct mm_struct *mm;
int reason;
+ if (current->mm == NULL)
+ return;
+
/* We have the token. Let others know we still need it. */
if (has_swap_token(current->mm)) {
current->mm->recent_pagein = 1;
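Review bot: the early return added at the top of grab_swap_token() (`if (current->mm == NULL) return;`) carries no comment saying when current->mm can be NULL, so the reason lives only in the commit message; a one-line comment above the check naming the case (kernel threads invoking get_user_pages()) would keep it with the code. The return is also silent, so a caller that arrives here without an mm leaves no trace; since the commit message expects this to be extremely rare, a one-time warning at this point would show which callers do it. Minor style point: the check is more commonly written `if (!current->mm)`.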
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Andrew Morton @ 2006-03-07 21:25 UTC
To: Dean Roe; +Cc: linux-kernel, riel
Dean Roe <roe@sgi.com> wrote:
>
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages(). Since
> this should be extremely rare, just return from grab_swap_token()
> without doing anything.
>
Fair enough.
Which kernel threads are running get_user_pages()?
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Christoph Hellwig @ 2006-03-07 22:49 UTC
To: Dean Roe; +Cc: akpm, linux-kernel, riel
On Tue, Mar 07, 2006 at 03:13:44PM -0600, Dean Roe wrote:
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages(). Since
> this should be extremely rare, just return from grab_swap_token()
> without doing anything.
There's a few things that will break if a kernel thread calls
get_user_pages, so we should rather fix those.
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Andrew Morton @ 2006-03-07 23:12 UTC
To: Christoph Hellwig; +Cc: roe, linux-kernel, riel
Christoph Hellwig <hch@infradead.org> wrote:
>
> On Tue, Mar 07, 2006 at 03:13:44PM -0600, Dean Roe wrote:
> > grab_swap_token() assumes that the current process has an mm struct,
> > which is not true for kernel threads invoking get_user_pages(). Since
> > this should be extremely rare, just return from grab_swap_token()
> > without doing anything.
>
> There's a few things that will break if a kernel thread calls
> get_user_pages, so we should rather fix those.
What things will break? Anything which dinks with current->mm in or
under get_user_pages() is probably already broken.
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Arjan van de Ven @ 2006-03-08 9:20 UTC
To: Dean Roe; +Cc: akpm, linux-kernel, riel
On Tue, 2006-03-07 at 15:13 -0600, Dean Roe wrote:
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages().
well WHICH user ? ;)