diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2020-10-11 11:18:04 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-10-11 11:18:04 -0700 |
| commit | 3dd0130f2430decf0cb001b452824515436986d2 (patch) | |
| tree | 3d3bb4ca9c5fe7372eb499bf9983d514ec2f5477 /mm/mmap.c | |
| parent | 5b697f86f9f136d200c9827d6eca0437b7eb96cf (diff) | |
| parent | 4aab2be0983031a05cb4a19696c9da5749523426 (diff) | |
Merge branch 'akpm' (patches from Andrew)
Merge misc fixes from Andrew Morton:
"Five fixes.
Subsystems affected by this patch series: MAINTAINERS, mm/pagemap,
mm/swap, and mm/hugetlb"
* emailed patches from Andrew Morton <akpm@linux-foundation.org>:
mm: khugepaged: recalculate min_free_kbytes after memory hotplug as expected by khugepaged
mm: validate inode in mapping_set_error()
mm: mmap: Fix general protection fault in unlink_file_vma()
MAINTAINERS: Antoine Tenart's email address
MAINTAINERS: change hardening mailing list
Diffstat (limited to 'mm/mmap.c')
| -rw-r--r-- | mm/mmap.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/mm/mmap.c b/mm/mmap.c index 40248d84ad5f..bdd19f5b994e 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1781,7 +1781,11 @@ unsigned long mmap_region(struct file *file, unsigned long addr, merge = vma_merge(mm, prev, vma->vm_start, vma->vm_end, vma->vm_flags, NULL, vma->vm_file, vma->vm_pgoff, NULL, NULL_VM_UFFD_CTX); if (merge) { - fput(file); + /* ->mmap() can change vma->vm_file and fput the original file. So + * fput the vma->vm_file here or we would add an extra fput for file + * and cause general protection fault ultimately. + */ + fput(vma->vm_file); vm_area_free(vma); vma = merge; /* Update vm_flags and possible addr to pick up the change. We don't |