[PATCH 8/9] um: Fix possible race on task->mm

Anton Vorontsov Mon, 23 Apr 2012 00:26:22 -0700

Checking for task->mm is dangerous as ->mm might disappear (exit_mm()
assigns NULL under task_lock(), so tasklist lock is not enough).


We can't use get_task_mm()/mmput() pair as mmput() might sleep,
so let's take the task lock while we care about its mm.

Note that we should also use find_lock_task_mm() to check all process'
threads for a valid mm, but for uml we'll do it in a separate patch.

Signed-off-by: Anton Vorontsov <anton.voront...@linaro.org>
---
 arch/um/kernel/reboot.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/arch/um/kernel/reboot.c b/arch/um/kernel/reboot.c
index 66d754c..1411f4e 100644
--- a/arch/um/kernel/reboot.c
+++ b/arch/um/kernel/reboot.c
@@ -25,10 +25,13 @@ static void kill_off_processes(void)
 
                read_lock(&tasklist_lock);
                for_each_process(p) {
-                       if (p->mm == NULL)
+                       task_lock(p);
+                       if (!p->mm) {
+                               task_unlock(p);
                                continue;
-
+                       }
                        pid = p->mm->context.id.u.pid;
+                       task_unlock(p);
                        os_kill_ptraced_process(pid, 1);
                }
                read_unlock(&tasklist_lock);
-- 
1.7.9.2

_______________________________________________
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev

[PATCH 8/9] um: Fix possible race on task->mm

Reply via email to