Commit 5d14a573 authored May 11, 2009 by David Rientjes Committed by Greg Kroah-Hartman Jun 19, 2009

Staging: android: lowmemorykiller: fix possible android low memory killer NULL pointer

get_mm_rss() atomically dereferences the actual without checking for a
NULL pointer, which is possible since task_lock() is not held.

Cc: San Mehat <san@android.com>
Cc: Arve Hjønnevåg <arve@android.com>
Signed-off-by: David Rientjes <rientjes@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

parent 34006e11

drivers/staging/android/lowmemorykiller.c

+8 −2

Original line number	Diff line number	Diff line
		@@ -92,12 +92,18 @@ static int lowmem_shrink(int nr_to_scan, gfp_t gfp_mask)
		for_each_process(p) {
		int oom_adj;

		if (!p->mm)
		task_lock(p);
		if (!p->mm) {
		task_unlock(p);
		continue;
		}
		oom_adj = p->oomkilladj;
		if (oom_adj < min_adj)
		if (oom_adj < min_adj) {
		task_unlock(p);
		continue;
		}
		tasksize = get_mm_rss(p->mm);
		task_unlock(p);
		if (tasksize <= 0)
		continue;
		if (selected) {