git.baikalelectronics.ru Git - kernel.git/commit

author	Markus Metzger <markus.t.metzger@intel.com>
	Wed, 11 Feb 2009 14:10:27 +0000 (15:10 +0100)
committer	Ingo Molnar <mingo@elte.hu>
	Wed, 11 Feb 2009 14:44:20 +0000 (15:44 +0100)
commit	1743204c2b52cf4ac75b0fc8549e0cd1d99f6da0
tree	76e0e9181f4ee2b324742d517518e837d5c250bf	tree \| snapshot
parent	4d6115084394e3699b0ac3f72f1a6ba9a41173d0	commit \| diff

x86, ptrace, mm: fix double-free on race

Ptrace_detach() races with __ptrace_unlink() if the traced task is
reaped while detaching. This might cause a double-free of the BTS
buffer.

Change the ptrace_detach() path to only do the memory accounting in
ptrace_bts_detach() and leave the buffer free to ptrace_bts_untrace()
which will be called from __ptrace_unlink().

The fix follows a proposal from Oleg Nesterov.

Reported-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Markus Metzger <markus.t.metzger@intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

arch/x86/kernel/ptrace.c		diff \| blob \| history
include/linux/mm.h		diff \| blob \| history
mm/mlock.c		diff \| blob \| history