> ------------------------------------------------------
> Subject: tmpfs: fix oops on remounts with mpol=default
> From: Ravikiran G Thirumalai <kiran@xxxxxxxxxxxx>
>
> Fix an 'oops' when a tmpfs mount point is remounted with the 'default'
> mempolicy.
>
> Upon remounting a tmpfs mount point with 'mpol=default' option, the
> remount code crashed with a null pointer dereference. The initial problem
> report was on 2.6.27, but the problem exists in mainline 2.6.34-rc as
> well. On examining the code, we see that mpol_new returns NULL if default
> mempolicy was requested. This 'NULL' mempolicy is accessed to store the
> node mask resulting in oops.
>
> The following patch fixes the oops by avoiding dereferencing NULL if the
> new mempolicy is NULL. The patch also sets 'err' to 0 if MPOL_DEFAULT is
> passed (err is initialized to 1 initially at mpol_parse_str())
Hi Ravikiran,
I'm glad to your contribution. Unfortunately I've found various related
issue in mpol_parse_str() while reviewing your patch.
So, I'll post updated patches.
- kosaki
>
> Signed-off-by: Ravikiran Thirumalai <kiran@xxxxxxxxxxxx>
> Cc: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
> Cc: Christoph Lameter <cl@xxxxxxxxxxxxxxxxxxxx>
> Cc: Mel Gorman <mel@xxxxxxxxx>
> Cc: Lee Schermerhorn <lee.schermerhorn@xxxxxx>
> Cc: Hugh Dickins <hugh.dickins@xxxxxxxxxxxxx>
> Cc: <stable@xxxxxxxxxx>
> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> ---
>
> mm/mempolicy.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff -puN mm/mempolicy.c~tmpfs-fix-oops-on-remounts-with-mpol=default mm/mempolicy.c
> --- a/mm/mempolicy.c~tmpfs-fix-oops-on-remounts-with-mpol=default
> +++ a/mm/mempolicy.c
> @@ -2213,10 +2213,14 @@ int mpol_parse_str(char *str, struct mem
> goto out;
> mode = MPOL_PREFERRED;
> break;
> -
> + case MPOL_DEFAULT:
> + /*
> + * mpol_new() enforces empty nodemask, ignores flags.
> + */
> + err = 0;
> + break;
> /*
> * case MPOL_BIND: mpol_new() enforces non-empty nodemask.
> - * case MPOL_DEFAULT: mpol_new() enforces empty nodemask, ignores flags.
> */
> }
>
> @@ -2250,7 +2254,7 @@ int mpol_parse_str(char *str, struct mem
> if (ret) {
> err = 1;
> mpol_put(new);
> - } else if (no_context) {
> + } else if (no_context && new) {
> /* save for contextualization */
> new->w.user_nodemask = nodes;
> }
> _
>
> Patches currently in -mm which might be from kiran@xxxxxxxxxxxx are
>
> tmpfs-fix-oops-on-remounts-with-mpol=default.patch
> slab-leaks3-default-y.patch
>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxxx For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>