Commit a28bf136 authored by Eric W. Biederman's avatar Eric W. Biederman
Browse files

exec: Run sync_mm_rss before taking exec_update_mutex 



Like exec_mm_release sync_mm_rss is about flushing out the state of
the old_mm, which does not need to happen under exec_update_mutex.

Make this explicit by moving sync_mm_rss outside of exec_update_mutex.

Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lkml.kernel.org/r/875zd66za3.fsf_-_@x220.int.ebiederm.org


Signed-off-by: default avatar"Eric W. Biederman" <ebiederm@xmission.com>
parent 13c432b5

fs/exec.c

+2 −1
Original line number Diff line number Diff line
@@ -1051,13 +1051,14 @@ static int exec_mmap(struct mm_struct *mm) 
	tsk = current;

	old_mm = current->mm;

	exec_mm_release(tsk, old_mm);

	if (old_mm)

		sync_mm_rss(old_mm);



	ret = mutex_lock_killable(&tsk->signal->exec_update_mutex);

	if (ret)

		return ret;



	if (old_mm) {

		sync_mm_rss(old_mm);

		/*

		 * Make sure that if there is a core dump in progress

		 * for the old mm, we get out and die instead of going

CRA Git | Maintained and supported by SUSTech CRA and CCSE