From: David Gibson <david@gibson.dropbear.id.au>

The patch below fixes a bug in ppc64's 32-bit execve() path.  It duplicates
logic already in the normal fs/exec.c do_execve() to avoid dropping a NULL
mm.  The bprm.mm becomes NULL once the exec passes the "point of no
return".  Without this patch a failure past that point (e.g.  mmap()
failure) will cause an oops, with it just a killed process.



---

 arch/ppc64/kernel/sys_ppc32.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletion(-)

diff -puN arch/ppc64/kernel/sys_ppc32.c~ppc64-execve-error-path-fix arch/ppc64/kernel/sys_ppc32.c
--- 25/arch/ppc64/kernel/sys_ppc32.c~ppc64-execve-error-path-fix	2004-01-19 20:11:55.000000000 -0800
+++ 25-akpm/arch/ppc64/kernel/sys_ppc32.c	2004-01-19 20:11:55.000000000 -0800
@@ -2084,7 +2084,8 @@ out:
 		security_bprm_free(&bprm);
 
 out_mm:
-	mmdrop(bprm.mm);
+	if (bprm.mm)
+		mmdrop(bprm.mm);
 
 out_file:
 	if (bprm.file) {

_