From: Stanislav Kinsbursky <skinsbursky@parallels.com>
Date: Sat, 3 Nov 2012 00:41:57 +0000 (+1100)
Subject: proc: check vma->vm_file before dereferencing
X-Git-Tag: next-20121107~2^2~225
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=35e9afd7a9e7a683c9731ebf67747df171fc05f5;p=karo-tx-linux.git

proc: check vma->vm_file before dereferencing

7b540d0646ce ("proc_map_files_readdir(): don't bother with grabbing
files") switched proc_map_files_readdir() to use @f_mode directly instead of
grabbing @file reference, but same time the test for @vm_file presence was
lost leading to nil dereference.  The patch brings the test back.

The all proc_map_files feature is CONFIG_CHECKPOINT_RESTORE wrapped
(which is set to 'n' by default) so the bug doesn't affect regular
kernels.

The regression is 3.7-rc1 only as far as I can tell.

[gorcunov@openvz.org: provided changelog]
Signed-off-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 144a96732dd7..74fc5624be09 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1770,8 +1770,9 @@ static struct dentry *proc_map_files_lookup(struct inode *dir,
 	if (!vma)
 		goto out_no_vma;
 
-	result = proc_map_files_instantiate(dir, dentry, task,
-			(void *)(unsigned long)vma->vm_file->f_mode);
+	if (vma->vm_file)
+		result = proc_map_files_instantiate(dir, dentry, task,
+				(void *)(unsigned long)vma->vm_file->f_mode);
 
 out_no_vma:
 	up_read(&mm->mmap_sem);