The patch titled
     romfs: fix romfs_get_unmapped_area() argument check
has been added to the -mm tree.  Its filename is
     romfs-fix-romfs_get_unmapped_area-param-check.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/SubmitChecklist when testing your code ***

See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this

The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/

------------------------------------------------------
Subject: romfs: fix romfs_get_unmapped_area() argument check
From: Bob Liu <lliubbo@xxxxxxxxx>

romfs_get_unmapped_area() checks argument `len' without considering PAGE_ALIGN which will cause do_mmap_pgoff() return -EINVAL error after commit f67d9b1576c ("nommu: add page_align to mmap").

Fix the check by changing it in same way ramfs_nommu_get_unmapped_area() was changed in ramfs/file-nommu.c.

Signed-off-by: Bob Liu <lliubbo@xxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Paul Mundt <lethal@xxxxxxxxxxxx>
Cc: Greg Ungerer <gerg@xxxxxxxxxxxx>
Cc: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 fs/romfs/mmap-nommu.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff -puN fs/romfs/mmap-nommu.c~romfs-fix-romfs_get_unmapped_area-param-check fs/romfs/mmap-nommu.c
--- a/fs/romfs/mmap-nommu.c~romfs-fix-romfs_get_unmapped_area-param-check
+++ a/fs/romfs/mmap-nommu.c
@@ -27,14 +27,18 @@ static unsigned long romfs_get_unmapped_ { struct inode *inode = file->f_mapping->host; struct mtd_info *mtd = inode->i_sb->s_mtd; - unsigned long isize, offset; + unsigned long isize, offset, maxpages, lpages; if (!mtd) goto cant_map_directly; + /* the mapping mustn't extend beyond the EOF */ + lpages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT; isize = i_size_read(inode); offset = pgoff << PAGE_SHIFT; - if (offset > isize || len > isize || offset > isize - len) + + maxpages = (isize + PAGE_SIZE - 1) >> PAGE_SHIFT; + if ((pgoff >= maxpages) || (maxpages - pgoff < lpages)) return (unsigned long) -EINVAL; /* we need to call down to the MTD layer to do the actual mapping */ _ Patches currently in -mm which might be from lliubbo@xxxxxxxxx are romfs-fix-romfs_get_unmapped_area-param-check.patch mm-nommuc-fix-remap_pfn_range.patch
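
Review bot: The rounding in `lpages = (len + PAGE_SIZE - 1) >> PAGE_SHIFT;` wraps when `len` is within a page of the top of its range, so `lpages` becomes 0 and the new test `maxpages - pgoff < lpages` cannot reject it, whereas the removed test bounded `len` directly with `len > isize`. Unless the caller is guaranteed to pass an already bounded `len`, reject the wrapped case explicitly (for instance when `len + PAGE_SIZE - 1 < len`) before computing `lpages`, or name in the comment the caller that guarantees it. The new test also accepts a mapping that runs to the end of the last page, past `isize`; since this path hands the mapping to the MTD layer, the comment above the check should say what the bytes between EOF and the page boundary are expected to contain. The comment "the mapping mustn't extend beyond the EOF" would also read better placed directly above the `if` it describes rather than above the `lpages` assignment.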