From: Tang Yizhou tangyizhou@huawei.com
ascend inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I4EUVI CVE: NA
-------------------------------------------------
__sp_area_drop_locked() checks null pointer of spa, so remove null pointer checks before calling __sp_area_drop_locked().
Reported-by: Cui Bixuan cuibixuan@huawei.com Signed-off-by: Tang Yizhou tangyizhou@huawei.com Reviewed-by: Ding Tianhong dingtianhong@huawei.com Reviewed-by: Kefeng Wang wangkefeng.wang@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com Reviewed-by: Weilong Chen chenweilong@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- mm/share_pool.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/mm/share_pool.c b/mm/share_pool.c index 169ac88e37d2f..dfce9001b9e42 100644 --- a/mm/share_pool.c +++ b/mm/share_pool.c @@ -443,8 +443,7 @@ static void sp_munmap_task_areas(struct mm_struct *mm, struct list_head *stop) if (&spa->link == stop) break;
- if (prev) - __sp_area_drop_locked(prev); + __sp_area_drop_locked(prev); prev = spa;
atomic_inc(&spa->use_count); @@ -459,8 +458,7 @@ static void sp_munmap_task_areas(struct mm_struct *mm, struct list_head *stop)
spin_lock(&sp_area_lock); } - if (prev) - __sp_area_drop_locked(prev); + __sp_area_drop_locked(prev);
spin_unlock(&sp_area_lock); } @@ -607,8 +605,7 @@ int sp_group_add_task(int pid, int spg_id) struct file *file = spa_file(spa); unsigned long addr;
- if (prev) - __sp_area_drop_locked(prev); + __sp_area_drop_locked(prev); prev = spa;
atomic_inc(&spa->use_count); @@ -651,8 +648,7 @@ int sp_group_add_task(int pid, int spg_id)
spin_lock(&sp_area_lock); } - if (prev) - __sp_area_drop_locked(prev); + __sp_area_drop_locked(prev); spin_unlock(&sp_area_lock);
if (unlikely(ret)) {