* [PATCH] Prevent NULL pointer deref in grab_swap_token
@ 2006-03-07 21:13 Dean Roe
2006-03-07 21:25 ` Andrew Morton
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Dean Roe @ 2006-03-07 21:13 UTC (permalink / raw)
To: akpm; +Cc: linux-kernel, riel
grab_swap_token() assumes that the current process has an mm struct,
which is not true for kernel threads invoking get_user_pages(). Since
this should be extremely rare, just return from grab_swap_token()
without doing anything.
Signed-off-by: Dean Roe <roe@sgi.com>
Index: linux-2.6/mm/thrash.c
===================================================================
--- linux-2.6.orig/mm/thrash.c
+++ linux-2.6/mm/thrash.c
@@ -54,6 +54,9 @@
struct mm_struct *mm;
int reason;
+ if (current->mm == NULL)
+ return;
+
/* We have the token. Let others know we still need it. */
if (has_swap_token(current->mm)) {
current->mm->recent_pagein = 1;
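Review bot: The new `current->mm == NULL` check placed directly after the local declarations returns silently and carries no comment, so a reader of mm/thrash.c cannot tell why the mm can be missing at this point. Add a short comment above the check stating that kernel threads have no mm and can reach this function through get_user_pages(), as the commit message explains, and consider writing it as `if (!current->mm)` to match the usual kernel style. Because the early return also hides which caller got here, the commit message should name the kernel thread that hit the dereference.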
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Andrew Morton @ 2006-03-07 21:25 UTC (permalink / raw)
To: Dean Roe; +Cc: linux-kernel, riel
Dean Roe <roe@sgi.com> wrote:
>
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages(). Since
> this should be extremely rare, just return from grab_swap_token()
> without doing anything.
>
Fair enough.
Which kernel threads are running get_user_pages()?
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Christoph Hellwig @ 2006-03-07 22:49 UTC (permalink / raw)
To: Dean Roe; +Cc: akpm, linux-kernel, riel
On Tue, Mar 07, 2006 at 03:13:44PM -0600, Dean Roe wrote:
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages(). Since
> this should be extremely rare, just return from grab_swap_token()
> without doing anything.
There's a few things that will break if a kernel thread calls
get_user_pages, so we should rather fix those.
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Andrew Morton @ 2006-03-07 23:12 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: roe, linux-kernel, riel
Christoph Hellwig <hch@infradead.org> wrote:
>
> On Tue, Mar 07, 2006 at 03:13:44PM -0600, Dean Roe wrote:
> > grab_swap_token() assumes that the current process has an mm struct,
> > which is not true for kernel threads invoking get_user_pages(). Since
> > this should be extremely rare, just return from grab_swap_token()
> > without doing anything.
>
> There's a few things that will break if a kernel thread calls
> get_user_pages, so we should rather fix those.
What things will break? Anything which dinks with current->mm in or
under get_user_pages() is probably already broken.
* Re: [PATCH] Prevent NULL pointer deref in grab_swap_token
From: Arjan van de Ven @ 2006-03-08 9:20 UTC (permalink / raw)
To: Dean Roe; +Cc: akpm, linux-kernel, riel
On Tue, 2006-03-07 at 15:13 -0600, Dean Roe wrote:
> grab_swap_token() assumes that the current process has an mm struct,
> which is not true for kernel threads invoking get_user_pages().
well WHICH user ? ;)