Staging: android: lowmemorykiller: fix possible android low memory killer NULL pointer
author David Rientjes <rientjes@google.com>
Mon, 11 May 2009 22:45:14 +0000 (15:45 -0700)
committer Greg Kroah-Hartman <gregkh@suse.de>
Fri, 19 Jun 2009 18:00:52 +0000 (11:00 -0700)

get_mm_rss() atomically dereferences the actual without checking for a
NULL pointer, which is possible since task_lock() is not held.

Cc: San Mehat <san@android.com>
Cc: Arve Hjønnevåg <arve@android.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/staging/android/lowmemorykiller.c

index f61333b..cba3b91 100644 (file)
@@ -92,12 +92,18 @@ static int lowmem_shrink(int nr_to_scan, gfp_t gfp_mask)
        for_each_process(p) {
                int oom_adj;
 
-               if (!p->mm)
+               task_lock(p);
+               if (!p->mm) {
+                       task_unlock(p);
                        continue;
+               }
                oom_adj = p->oomkilladj;
-               if (oom_adj < min_adj)
+               if (oom_adj < min_adj) {
+                       task_unlock(p);
                        continue;
+               }
                tasksize = get_mm_rss(p->mm);
+               task_unlock(p);
                if (tasksize <= 0)
                        continue;
                if (selected) {
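
Review bot: The loop body in lowmem_shrink() now has three separate task_unlock(p) calls (the !p->mm path, the oom_adj < min_adj path, and after get_mm_rss()), so any early exit added later between task_lock(p) and get_mm_rss(p->mm) will leak the lock. The oom_adj comparison does not touch p->mm, so unless p->oomkilladj needs task_lock() for a reason not visible here, consider moving "oom_adj = p->oomkilladj;" and its "continue" above task_lock(p). That leaves the lock covering only the p->mm NULL check and get_mm_rss(p->mm), with two unlock sites instead of three, and it avoids a lock/unlock pair for every task filtered out by min_adj. A one-line comment above task_lock(p) saying that p->mm can be cleared concurrently, and that the NULL check and get_mm_rss() must therefore sit under the same lock hold, would also keep the reason for the lock next to the code.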