Since find_vma() may return NULL, don't dereference the returned 'vma' until it is valid.
The problem is introduced by the commit in linus tree: 6d7825b (mm/fremap.c: fix oops on error path). Also mark vm_flags as uninitialized_var() to avoid compile warning.

Cc: Tommi Rantala <tt.rant...@gmail.com>
Cc: Michel Lespinasse <wal...@google.com>
Cc: Andrew Morton <a...@linux-foundation.org>
Cc: Linus Torvalds <torva...@linux-foundation.org>
Signed-off-by: Ming Lei <tom.leim...@gmail.com>
---
mm/fremap.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/mm/fremap.c b/mm/fremap.c index 6a8da7e..80088e9 100644 --- a/mm/fremap.c +++ b/mm/fremap.c @@ -129,7 +129,7 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, struct vm_area_struct *vma; int err = -EINVAL; int has_write_lock = 0; - vm_flags_t vm_flags; + vm_flags_t uninitialized_var(vm_flags); if (prot) return err; @@ -163,8 +163,7 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, * and that the remapped range is valid and fully within * the single existing vma. */ - vm_flags = vma->vm_flags; - if (!vma || !(vm_flags & VM_SHARED)) + if (!vma || !(vma->vm_flags & VM_SHARED)) goto out; if (!vma->vm_ops || !vma->vm_ops->remap_pages) -- 1.7.9.5
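Review bot: `uninitialized_var(vm_flags)` in the first hunk (`@@ -129,7 +129,7 @@`) silences the compiler rather than resolving what it found: the second hunk removes the only assignment to `vm_flags` visible in this patch, so every remaining use of the local now depends on an assignment somewhere outside these hunks, which is exactly the situation the warning is meant to flag. Prefer an explicit assignment once `vma` is known to be valid, for example `vm_flags = vma->vm_flags;` immediately after the `goto out` check, so the warning disappears on its own and a genuine uninitialized read on a future path is not masked; the commit message should then drop the "avoid compile warning" justification.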
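Review bot: the reorder in the second hunk (`@@ -163,8 +163,7 @@`) is the real fix and looks correct: the removed `vm_flags = vma->vm_flags;` dereferenced `vma` one line before the `!vma` test, so a NULL return from find_vma() oopsed instead of taking the `goto out` path that returns `err` (`-EINVAL` per the context in the first hunk); the replacement only reads `vma->vm_flags` on the right-hand side of a short-circuited `||`, after `!vma` has been evaluated. Two small things for the message: state the trigger explicitly (find_vma() returning NULL for the requested `start`, which is an unprivileged syscall argument per the `SYSCALL_DEFINE5` context), and add the missing space in `6d7825b(mm/fremap.c: ...)` so the referenced commit id is unambiguous.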