lguest needs to hold a reference to its task in case it exits while
another Guest is sending it I/O. Otherwise we can oops in
access_process_vm->get_task_mm->task_lock().
Signed-off-by: Rusty Russell <[EMAIL PROTECTED]>
---
drivers/lguest/lguest_user.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
===================================================================
--- a/drivers/lguest/lguest_user.c
+++ b/drivers/lguest/lguest_user.c
@@ -107,7 +107,8 @@ static int initialize(struct file *file,
setup_regs(lg->regs, args[2]);
setup_guest_gdt(lg);
lg->tsk = current;
- lg->mm = get_task_mm(current);
+ get_task_struct(lg->tsk);
+ lg->mm = get_task_mm(lg->tsk);
lg->last_pages = NULL;
mutex_unlock(&lguest_lock);
@@ -160,6 +161,7 @@ static int close(struct inode *inode, st
mutex_lock(&lguest_lock);
release_all_dma(lg);
free_guest_pagetable(lg);
+ put_task_struct(lg->tsk);
mmput(lg->mm);
if (!IS_ERR(lg->dead))
kfree(lg->dead);
_______________________________________________
Virtualization mailing list
[email protected]
https://lists.linux-foundation.org/mailman/listinfo/virtualization
