proc: check vma->vm_file before dereferencing
author Stanislav Kinsbursky <skinsbursky@parallels.com>
Tue, 27 Nov 2012 00:29:42 +0000 (16:29 -0800)
committer Linus Torvalds <torvalds@linux-foundation.org>
Tue, 27 Nov 2012 01:41:24 +0000 (17:41 -0800)
Commit 7b540d0646ce ("proc_map_files_readdir(): don't bother with
grabbing files") switched proc_map_files_readdir() to use @f_mode
directly instead of grabbing @file reference, but at the same time the
test for @vm_file presence was lost, leading to nil dereference.  The
patch brings the test back.

The whole proc_map_files feature is CONFIG_CHECKPOINT_RESTORE wrapped
(which is set to 'n' by default) so the bug doesn't affect regular
kernels.

The regression is 3.7-rc1 only as far as I can tell.

[gorcunov@openvz.org: provided changelog]
Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/proc/base.c

index 3c231adf845088ee51517c1f7fd0745284d88be2..9e28356a959a2f4f0aecddd6170ebacfa799a5b3 100644 (file)
@@ -1877,8 +1877,9 @@ static struct dentry *proc_map_files_lookup(struct inode *dir,
        if (!vma)
                goto out_no_vma;
 
-       result = proc_map_files_instantiate(dir, dentry, task,
-                       (void *)(unsigned long)vma->vm_file->f_mode);
+       if (vma->vm_file)
+               result = proc_map_files_instantiate(dir, dentry, task,
+                               (void *)(unsigned long)vma->vm_file->f_mode);
 
 out_no_vma:
        up_read(&mm->mmap_sem);
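
Review bot: the new `if (vma->vm_file)` has no else branch, so for a mapping without a backing file the code falls through to `out_no_vma` with whatever `result` held before this hunk. Please confirm that `result` is already set to an error pointer on that path, or set it explicitly in the NULL case, so the lookup of an anonymous mapping returns a defined error rather than a stale value. Also, the changelog names proc_map_files_readdir() as the place the test was lost, while this hunk restores it in proc_map_files_lookup(); a sentence in the changelog saying which function dereferences `vma->vm_file` unchecked would make the fix easier to match to the regression.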