This is a note to let you know that I've just added the patch titled
uio: fix vma io range check in mmap
to my char-misc git tree which can be found at
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git
in the char-misc-next branch.
The patch will show up in the next release of the linux-next tree
(usually sometime within the next 24 hours during the week.)
The patch will also be merged in the next major kernel release
during the merge window.
If you have any questions about this process, please let me know.
>From ddb09754e6c7239e302c7b675df9bbd415f8de5d Mon Sep 17 00:00:00 2001
From: Bin Wang <binw@xxxxxxxxxxx>
Date: Tue, 25 Mar 2014 13:52:06 +0800
Subject: uio: fix vma io range check in mmap
the vma range size is always page size aligned in mmap, while the
real io space range may not be page aligned, thus leading to range
check failure in the uio_mmap_physical().
for example, in a case of io range size "mem->size == 1KB", and we
have (vma->vm_end - vma->vm_start) == 4KB, due to "len" is aligned
to page size in do_mmap_pgoff().
now fix this issue by align mem->size to page size in the check.
Signed-off-by: Bin Wang <binw@xxxxxxxxxxx>
Signed-off-by: Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@xxxxxxxxxxx>
Cc: stable <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/uio/uio.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c
index a673e5b6a2e0..e371f5af11f5 100644
--- a/drivers/uio/uio.c
+++ b/drivers/uio/uio.c
@@ -655,7 +655,7 @@ static int uio_mmap_physical(struct vm_area_struct *vma)
if (mem->addr & ~PAGE_MASK)
return -ENODEV;
- if (vma->vm_end - vma->vm_start > mem->size)
+ if (vma->vm_end - vma->vm_start > PAGE_ALIGN(mem->size))
return -EINVAL;
vma->vm_ops = &uio_physical_vm_ops;
--
1.9.0
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html