On Mon, 12 Sep 2016 13:27:04 +0300 "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx> wrote:

> Commit c01d5b300774 makes use of shm_get_unmapped_area() in
> shm_file_operations() unconditional to CONFIG_MMU.
>
> As Tony Battersby pointed out, this can lead to a NULL-pointer dereference on
> a machine with CONFIG_MMU=y and CONFIG_SHMEM=n. In this case ipc/shm is
> backed by ramfs, which doesn't provide f_op->get_unmapped_area for
> configurations with MMU.
>
> The solution is to provide a dummy f_op->get_unmapped_area for ramfs when
> CONFIG_MMU=y, which just calls current->mm->get_unmapped_area().
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Reported-and-Tested-by: Tony Battersby <tonyb@xxxxxxxxxxxxxxx>
> Fixes: c01d5b300774 ("shmem: get_unmapped_area align huge page")

I'll add Cc: <stable@xxxxxxxxxxxxxxx> [4.7.x]

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ .
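The failure mode and the fix described in the quoted message, modelled in userspace C as an added example. This is not kernel code and not the patch itself: the struct names mirror the kernel's for readability, `current_mm` stands in for `current->mm`, and the address values are constructed. The point it demonstrates is that an optional `f_op` hook which one caller invokes unconditionally must be supplied by every backing filesystem that caller can see; the "after" ramfs ops do exactly what the message proposes, forwarding to the mm's default allocator.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical userspace model of the kernel types involved (not kernel code). */
typedef unsigned long (*get_unmapped_area_t)(void *filp, unsigned long addr,
                                             unsigned long len,
                                             unsigned long pgoff,
                                             unsigned long flags);

struct mm_struct {
    get_unmapped_area_t get_unmapped_area;   /* arch default allocator */
};

struct file_operations {
    get_unmapped_area_t get_unmapped_area;   /* optional hook, may be NULL */
};

struct file {
    const struct file_operations *f_op;
};

/* Constructed stand-in for the architecture's default allocator: honour a
 * hint if given, otherwise hand out a fixed constructed base address. */
#define DEFAULT_MMAP_BASE 0x40000000UL
static unsigned long arch_get_unmapped_area(void *filp, unsigned long addr,
                                            unsigned long len,
                                            unsigned long pgoff,
                                            unsigned long flags)
{
    (void)filp; (void)len; (void)pgoff; (void)flags;
    return addr ? addr : DEFAULT_MMAP_BASE;
}

static struct mm_struct init_mm = { .get_unmapped_area = arch_get_unmapped_area };
static struct mm_struct *current_mm = &init_mm;   /* models current->mm */

/* Before the fix: on an MMU kernel, ramfs provided no get_unmapped_area hook. */
static const struct file_operations ramfs_ops_before = { .get_unmapped_area = NULL };

/* After the fix: a forwarding hook that delegates to current->mm, as the
 * quoted message describes. */
static unsigned long ramfs_mmu_get_unmapped_area(void *filp, unsigned long addr,
                                                 unsigned long len,
                                                 unsigned long pgoff,
                                                 unsigned long flags)
{
    return current_mm->get_unmapped_area(filp, addr, len, pgoff, flags);
}
static const struct file_operations ramfs_ops_after = {
    .get_unmapped_area = ramfs_mmu_get_unmapped_area
};

/* Model of the ipc/shm caller, which invokes the backing file's hook
 * unconditionally. The real caller has no NULL check and oopses; here the
 * NULL case is reported as SHM_NULL_HOOK instead of crashing the process. */
#define SHM_NULL_HOOK (~0UL)
static unsigned long shm_get_unmapped_area_model(struct file *file,
                                                 unsigned long addr,
                                                 unsigned long len)
{
    if (!file->f_op->get_unmapped_area)
        return SHM_NULL_HOOK;   /* would be a NULL function-pointer deref */
    return file->f_op->get_unmapped_area(file, addr, len, 0, 0);
}

/* Map a 4 KiB region through shm with the given backing ops and hint. */
unsigned long map_with(const struct file_operations *ops, unsigned long hint)
{
    struct file backing = { .f_op = ops };
    return shm_get_unmapped_area_model(&backing, hint, 4096);
}

int main(void)
{
    unsigned long r = map_with(&ramfs_ops_before, 0x1000);
    printf("before fix: %s\n", r == SHM_NULL_HOOK ? "NULL hook (oops)" : "ok");
    printf("after fix, hint 0x1000: 0x%lx\n", map_with(&ramfs_ops_after, 0x1000));
    printf("after fix, no hint:     0x%lx\n", map_with(&ramfs_ops_after, 0));
    return 0;
}
```

The `SHM_NULL_HOOK` return is a deliberate substitute for the crash: it lets the model show that the pre-fix ramfs ops reach the caller with a NULL pointer, while the post-fix ops resolve to the mm's allocator without the caller changing at all.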