dtrace: take mmap_sem in PTRACE_GETMAPFD

Without this, we may oops if the process exec()s and discards its
address space after we find_vma().

Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
Acked-by: Kris Van Hees <kris.van.hees@oracle.com>
Reviewed-by: Shannon Nelson <shannon.nelson@oracle.com>
Orabug: 24977175

diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 5c511f403e42a1ff26e7d4217be7d956fa06eef0..10467305c8eb3d5f04beb448f1a11c5b2187dd20 100644 (file)
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -815,6 +815,7 @@ static int ptrace_getmapfd(struct task_struct *child, unsigned long addr,
 
        mm = get_task_mm(child);
        files = get_files_struct(child);
+       down_read(&mm->mmap_sem);
        vma = find_vma(mm, addr);
 
        if (!vma || vma->vm_start > addr) {
@@ -838,6 +839,7 @@ static int ptrace_getmapfd(struct task_struct *child, unsigned long addr,
        fd_install(new_fd, vma->vm_file);
 
 err:
+       up_read(&mm->mmap_sem);
        put_files_struct(files);
        mmput(mm);