Staging: android: lowmemorykiller: fix possible android low memory killer NULL pointer

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

get_mm_rss() atomically dereferences the actual without checking for a
NULL pointer, which is possible since task_lock() is not held.

Cc: San Mehat <san@android.com>
Cc: Arve Hjønnevåg <arve@android.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

authored by

David Rientjes and committed by

Greg Kroah-Hartman 17 years ago 5d14a573 34006e11

+8 -2

1 changed file

expand all

drivers

staging

android

lowmemorykiller.c

+8 -2

drivers/staging/android/lowmemorykiller.c

··· 92 92 for_each_process(p) { 93 93 int oom_adj; 94 94 95 - if (!p->mm) 95 + task_lock(p); 96 + if (!p->mm) { 97 + task_unlock(p); 96 98 continue; 99 + } 97 100 oom_adj = p->oomkilladj; 98 - if (oom_adj < min_adj) 101 + if (oom_adj < min_adj) { 102 + task_unlock(p); 99 103 continue; 104 + } 100 105 tasksize = get_mm_rss(p->mm); 106 + task_unlock(p); 101 107 if (tasksize <= 0) 102 108 continue; 103 109 if (selected) {