From: Johannes Weiner Date: Thu, 30 Apr 2009 22:08:08 +0000 (-0700) Subject: mm: fix pageref leak in do_swap_page() X-Git-Tag: firefly_0821_release~14289 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=bc43f75cd9815833b27831600ccade672edb5e43;p=firefly-linux-kernel-4.4.55.git mm: fix pageref leak in do_swap_page() By the time the memory cgroup code is notified about a swapin we already hold a reference on the fault page. If the cgroup callback fails make sure to unlock AND release the page reference which was taken by lookup_swap_cach(), or we leak the reference. Signed-off-by: Johannes Weiner Cc: Balbir Singh Reviewed-by: Minchan Kim Acked-by: KAMEZAWA Hiroyuki Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/mm/memory.c b/mm/memory.c index cf6873e91c6a..6a4ef0fd0711 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -2458,8 +2458,7 @@ static int do_swap_page(struct mm_struct *mm, struct vm_area_struct *vma, if (mem_cgroup_try_charge_swapin(mm, page, GFP_KERNEL, &ptr)) { ret = VM_FAULT_OOM; - unlock_page(page); - goto out; + goto out_page; } /* @@ -2521,6 +2520,7 @@ out: out_nomap: mem_cgroup_cancel_charge_swapin(ptr); pte_unmap_unlock(page_table, ptl); +out_page: unlock_page(page); page_cache_release(page); return ret;