> In __access_remote_vm() we need to check that we have found the right > vma, not the following vma, before we try to access it. Otherwise we > might call the vma's access routine with an address which does not > fall inside the vma. > > Signed-off-by: Michael Ellerman <michael@xxxxxxxxxxxxxx> > --- > mm/memory.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/mm/memory.c b/mm/memory.c > index 9da8cab..ce999ca 100644 > --- a/mm/memory.c > +++ b/mm/memory.c > @@ -3678,7 +3678,7 @@ static int __access_remote_vm(struct task_struct *tsk, struct mm_struct *mm, > */ > #ifdef CONFIG_HAVE_IOREMAP_PROT > vma = find_vma(mm, addr); > - if (!vma) > + if (!vma || vma->vm_start > addr) > break; > if (vma->vm_ops && vma->vm_ops->access) > ret = vma->vm_ops->access(vma, addr, buf, Looks good to me. Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>