Ping...
Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx> writes:
> This patch is very similar to 84d96d897671: Perform some basic
> validation of the input to mremap() before taking the
> ¤t->mm->mmap_sem lock. This also makes the MREMAP_FIXED =>
> MREMAP_MAYMOVE dependency slightly more explicit.
>
> Signed-off-by: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx>
> ---
> mm/mremap.c | 18 ++++++++++--------
> 1 file changed, 10 insertions(+), 8 deletions(-)
>
> diff --git a/mm/mremap.c b/mm/mremap.c
> index 463a257..00b6905 100644
> --- a/mm/mremap.c
> +++ b/mm/mremap.c
> @@ -456,13 +456,14 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
> unsigned long charged = 0;
> bool locked = false;
>
> - down_write(¤t->mm->mmap_sem);
> -
> if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE))
> - goto out;
> + return ret;
> +
> + if (flags & MREMAP_FIXED && !(flags & MREMAP_MAYMOVE))
> + return ret;
>
> if (addr & ~PAGE_MASK)
> - goto out;
> + return ret;
>
> old_len = PAGE_ALIGN(old_len);
> new_len = PAGE_ALIGN(new_len);
> @@ -473,12 +474,13 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
> * a zero new-len is nonsensical.
> */
> if (!new_len)
> - goto out;
> + return ret;
> +
> + down_write(¤t->mm->mmap_sem);
>
> if (flags & MREMAP_FIXED) {
> - if (flags & MREMAP_MAYMOVE)
> - ret = mremap_to(addr, old_len, new_addr, new_len,
> - &locked);
> + ret = mremap_to(addr, old_len, new_addr, new_len,
> + &locked);
> goto out;
> }
>
> --
> 1.7.9.5
>
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@xxxxxxxxx. For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
>
--
Rasmus Villemoes
<http://rasmusvillemoes.dk/>
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>