lguest needs to hold a reference to its task in case it exits while another Guest is sending it I/O. Otherwise we can oops in access_process_vm->get_task_mm->task_lock(). Signed-off-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx> --- drivers/lguest/lguest_user.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) =================================================================== --- a/drivers/lguest/lguest_user.c +++ b/drivers/lguest/lguest_user.c @@ -107,7 +107,8 @@ static int initialize(struct file *file, setup_regs(lg->regs, args[2]); setup_guest_gdt(lg); lg->tsk = current; - lg->mm = get_task_mm(current); + get_task_struct(lg->tsk); + lg->mm = get_task_mm(lg->tsk); lg->last_pages = NULL; mutex_unlock(&lguest_lock); @@ -160,6 +161,7 @@ static int close(struct inode *inode, st mutex_lock(&lguest_lock); release_all_dma(lg); free_guest_pagetable(lg); + put_task_struct(lg->tsk); mmput(lg->mm); if (!IS_ERR(lg->dead)) kfree(lg->dead); _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/virtualization
