Commit 6980e31e authored by Liu Shixin's avatar Liu Shixin
Browse files

memcg: fix use-after-free of mm_struct 

hulk inclusion
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I8LKYV



--------------------------------

Increment the mm_users of mm_struct to avoid use-after-free.

Fixes: 9bbb63c8 ("memcg: introduce per-memcg swapin interface")
Signed-off-by: default avatarLiu Shixin <liushixin2@huawei.com>
parent 788cf5b6

mm/memcontrol.c

+6 −0
Original line number Diff line number Diff line
@@ -4159,12 +4159,18 @@ static int mem_cgroup_task_swapin(struct task_struct *task, void *arg) 
	struct vm_area_struct *vma;

	struct blk_plug plug;



	if (__task_is_dying(task))

		return 0;

	if (!mm || !mmget_not_zero(mm))

		return 0;



	mmap_read_lock(mm);

	blk_start_plug(&plug);

	for (vma = mm->mmap; vma; vma = vma->vm_next)

		force_swapin_vma(vma);

	blk_finish_plug(&plug);

	mmap_read_unlock(mm);

	mmput(mm);



	return 0;

}