    proc: make sure mem_open() doesn't pin the target's memory · 6d08f2c7
    Oleg Nesterov authored
    Once /proc/pid/mem is opened, the memory can't be released until
    mem_release() even if its owner exits.
    
    Change mem_open() to do atomic_inc(mm_count) + mmput(), this only
    pins mm_struct. Change mem_rw() to do atomic_inc_not_zero(mm_count)
    before access_remote_vm(), this verifies that this mm is still alive.
    
    I am not sure what should mem_rw() return if atomic_inc_not_zero()
    fails. With this patch it returns zero to match the "mm == NULL" case,
    maybe it should return -EINVAL like it did before e268337d.
    
    Perhaps it makes sense to add the additional fatal_signal_pending()
    check into the main loop, to ensure we do not hold this memory if
    the target task was oom-killed.
    
    Cc: stable@kernel.org
    Signed-off-by: Oleg Nesterov <oleg@redhat.com>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
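
The two-counter lifetime described in the commit message, as an added userspace model (not the kernel code or the patch itself): `users` stands in for `mm_users` and pins the memory, `count` stands in for `mm_count` and pins only the struct. Assumption: the liveness check in `model_mem_rw()` is taken on the user count, because a struct reference the file already holds cannot drop to zero; all `model_*` and `mm_model` names are hypothetical.

```c
#include <stdatomic.h>
#include <stdbool.h>
/* Userspace model only. users pins the address space (the pages),
 * count pins just the struct; pages/freed record what was released. */
struct mm_model { atomic_int users, count; bool pages, freed; };

static bool inc_not_zero(atomic_int *v)
{
    int old = atomic_load(v);
    while (old && !atomic_compare_exchange_weak(v, &old, old + 1))
        ;                       /* old is reloaded on each failed attempt */
    return old != 0;
}

static void mm_drop(struct mm_model *mm)        /* models mmdrop() */
{
    if (atomic_fetch_sub(&mm->count, 1) == 1) mm->freed = true;
}

static void mm_put(struct mm_model *mm)         /* models mmput() */
{
    if (atomic_fetch_sub(&mm->users, 1) == 1) {
        mm->pages = false;      /* last user gone: memory is released */
        mm_drop(mm);            /* all users together held one count */
    }
}

static void mm_init(struct mm_model *mm)        /* owner holds users = 1 */
{
    atomic_init(&mm->users, 1);
    atomic_init(&mm->count, 1);
    mm->pages = true; mm->freed = false;
}

static void model_mem_open(struct mm_model *mm)
{
    atomic_fetch_add(&mm->users, 1);    /* lookup takes a users reference */
    atomic_fetch_add(&mm->count, 1);    /* keep the struct for this file */
    mm_put(mm);                         /* but give the memory pin back */
}

static long model_mem_rw(struct mm_model *mm, long len)
{
    if (!inc_not_zero(&mm->users))
        return 0;                       /* owner exited: nothing to copy */
    mm_put(mm);                         /* the copy would happen before this */
    return len;
}
```

In this model the owner's exit is `mm_put()` and closing the file is `mm_drop()`; the memory goes away at the first and the struct only at the second.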
base.c 86 KB