copy_mm fix:

- If dup_mmap fails we will try to destroy_context before
init_new_context occurs.  Platforms with non-trivial
init_new_context can explode because of this.  The fix
is to invoke init_new_context before dup_mmap.

diff --git a/kernel/fork.c b/kernel/fork.c
index 9c02ba5c4635e74465483407d05f93373fa52a33..61a6c7799bb335b7a99724446df5b956682b167a 100644 (file)
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -387,6 +387,9 @@ static int copy_mm(unsigned long clone_flags, struct task_struct * tsk)
        if (!mm_init(mm))
                goto fail_nomem;
 
+       if (init_new_context(tsk,mm))
+               goto free_pt;
+
        down_write(&oldmm->mmap_sem);
        retval = dup_mmap(mm);
        up_write(&oldmm->mmap_sem);
@@ -394,9 +397,6 @@ static int copy_mm(unsigned long clone_flags, struct task_struct * tsk)
        if (retval)
                goto free_pt;
 
-       if (init_new_context(tsk,mm))
-               goto free_pt;
-
 good_mm:
        tsk->mm = mm;
        tsk->active_mm = mm;