| From 1b79cd04fab80be61dcd2732e2423aafde9a4c1c Mon Sep 17 00:00:00 2001 |
| From: Junjiro R. Okajima <hooanon05@yahoo.co.jp> |
| Date: Tue, 2 Dec 2008 10:31:46 -0800 |
| Subject: nfsd: fix vm overcommit crash fix #2 |
| |
| From: Junjiro R. Okajima <hooanon05@yahoo.co.jp> |
| |
| commit 1b79cd04fab80be61dcd2732e2423aafde9a4c1c upstream. |
| |
| The previous patch from Alan Cox ("nfsd: fix vm overcommit crash", |
| commit 731572d39fcd3498702eda4600db4c43d51e0b26) fixed the problem where |
| knfsd crashes on exported shmemfs objects and strict overcommit is set. |
| |
| But the patch forgot supporting the case when CONFIG_SECURITY is |
| disabled. |
| |
| This patch copies a part of his fix which is mainly for detecting a bug |
| earlier. |
| |
| Acked-by: James Morris <jmorris@namei.org> |
| Signed-off-by: Alan Cox <alan@redhat.com> |
| Signed-off-by: Junjiro R. Okajima <hooanon05@yahoo.co.jp> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| include/linux/security.h | 12 ++++++++---- |
| 1 file changed, 8 insertions(+), 4 deletions(-) |
| |
| --- a/include/linux/security.h |
| +++ b/include/linux/security.h |
| @@ -1823,17 +1823,21 @@ static inline int security_settime(struc |
| |
| static inline int security_vm_enough_memory(long pages) |
| { |
| + WARN_ON(current->mm == NULL); |
| return cap_vm_enough_memory(current->mm, pages); |
| } |
| |
| -static inline int security_vm_enough_memory_kern(long pages) |
| +static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) |
| { |
| - return cap_vm_enough_memory(current->mm, pages); |
| + WARN_ON(mm == NULL); |
| + return cap_vm_enough_memory(mm, pages); |
| } |
| |
| -static inline int security_vm_enough_memory_mm(struct mm_struct *mm, long pages) |
| +static inline int security_vm_enough_memory_kern(long pages) |
| { |
| - return cap_vm_enough_memory(mm, pages); |
| + /* If current->mm is a kernel thread then we will pass NULL, |
| + for this specific case that is fine */ |
| + return cap_vm_enough_memory(current->mm, pages); |
| } |
| |
| static inline int security_bprm_alloc(struct linux_binprm *bprm) |