The patch titled
proc: put check_mem_permission after __get_free_page in mem_write
has been removed from the -mm tree. Its filename was
proc-put-check_mem_permission-after-__get_free_page-in-mem_write.patch
This patch was dropped because it was merged into mainline or a subsystem tree
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: proc: put check_mem_permission after __get_free_page in mem_write
From: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
It whould be better if put check_mem_permission after __get_free_page in
mem_write, to be same as function mem_read.
Hugh Dickins explained the reason.
check_mem_permission gets a reference to the mm. If we __get_free_page
after check_mem_permission, imagine what happens if the system is out
of memory, and the mm we're looking at is selected for killing by the
OOM killer: while we wait in __get_free_page for more memory, no memory
is freed from the selected mm because it cannot reach exit_mmap while
we hold that reference.
Reported-by: Jovi Zhang <bookjovi@xxxxxxxxx>
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx>
Acked-by: Hugh Dickins <hughd@xxxxxxxxxx>
Reviewed-by: Stephen Wilson <wilsons@xxxxxxxx>
Cc: Alexey Dobriyan <adobriyan@xxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
fs/proc/base.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff -puN fs/proc/base.c~proc-put-check_mem_permission-after-__get_free_page-in-mem_write fs/proc/base.c
--- a/fs/proc/base.c~proc-put-check_mem_permission-after-__get_free_page-in-mem_write
+++ a/fs/proc/base.c
@@ -894,20 +894,20 @@ static ssize_t mem_write(struct file * f
if (!task)
goto out_no_task;
+ copied = -ENOMEM;
+ page = (char *)__get_free_page(GFP_TEMPORARY);
+ if (!page)
+ goto out_task;
+
mm = check_mem_permission(task);
copied = PTR_ERR(mm);
if (IS_ERR(mm))
- goto out_task;
+ goto out_free;
copied = -EIO;
if (file->private_data != (void *)((long)current->self_exec_id))
goto out_mm;
- copied = -ENOMEM;
- page = (char *)__get_free_page(GFP_TEMPORARY);
- if (!page)
- goto out_mm;
-
copied = 0;
while (count > 0) {
int this_len, retval;
@@ -929,9 +929,11 @@ static ssize_t mem_write(struct file * f
count -= retval;
}
*ppos = dst;
- free_page((unsigned long) page);
+
out_mm:
mmput(mm);
+out_free:
+ free_page((unsigned long) page);
out_task:
put_task_struct(task);
out_no_task:
_
Patches currently in -mm which might be from kosaki.motohiro@xxxxxxxxxxxxxx are
origin.patch
mm-increase-reclaim_distance-to-30.patch
slab-use-numa_no_node.patch
vmscanmemcg-memcg-aware-swap-token.patch
vmscan-implement-swap-token-trace.patch
vmscan-implement-swap-token-priority-aging.patch
cpusets-randomize-node-rotor-used-in-cpuset_mem_spread_node.patch
cpusets-randomize-node-rotor-used-in-cpuset_mem_spread_node-cpusets-initialize-spread-rotor-lazily.patch
cpumask-convert-for_each_cpumask-with-for_each_cpu.patch
cpumask-convert-cpumask_of_cpu-to-cpumask_of.patch
cpumask-alloc_cpumask_var-use-numa_no_node.patch
cpumask-add-cpumask_var_t-documentation.patch
kexec-remove-kmsg_dump_kexec.patch
kexec-remove-kmsg_dump_kexec-fix.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
