On Wed, Oct 07, 2020 at 12:54:50AM +0200, Jann Horn wrote:

> @@ -1545,6 +1532,18 @@ void setup_new_exec(struct linux_binprm * bprm)
> me->mm->task_size = TASK_SIZE;
> mutex_unlock(&me->signal->exec_update_mutex);
> mutex_unlock(&me->signal->cred_guard_mutex);
> +
> +#ifndef CONFIG_MMU
> + /*
> + * On MMU, setup_arg_pages() wants to access bprm->vma after this point,
> + * so we can't drop the mmap lock yet.
> + * On !MMU, we have neither setup_arg_pages() nor bprm->vma, so we
> + * should drop the lock here.
> + */
> + mmap_write_unlock(bprm->mm);
> + mmput(bprm->mm);
> + bprm->mm = NULL;
> +#endif
> }

It looks like this could be a

  if (!IS_ENABLED(CONFIG_MMU))

This all seems nice, more locking points were removed than added at least.

Jason
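Review bot: the `#ifndef CONFIG_MMU` block in this hunk only touches `bprm->mm`, which exists on both MMU and !MMU builds, so `if (!IS_ENABLED(CONFIG_MMU)) { ... }` would work here and would keep the unlock/mmput path compile-checked on MMU configurations where it is currently dead preprocessor text. A second point on documentation: the comment explains why the mmap lock is dropped early on !MMU, but not why `bprm->mm` is set to NULL after `mmput()`; since the surrounding `mutex_unlock()` calls show this function is on the path where ownership of the mm has already been handed to `me->mm`, a one-line note that clearing `bprm->mm` stops the later bprm teardown from unlocking or dropping an mm that was already released here would make the ordering (`mmap_write_unlock()`, then `mmput()`, then NULL) self-explanatory to the next reader.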