* [patch 07/12] powerpc: Fix size check for hugetlbfs [not found] ` <20070814072813.GA15025@kroah.com> @ 2007-08-14 7:29 ` Greg KH 2007-08-14 7:56 ` David Gibson 0 siblings, 1 reply; 2+ messages in thread From: Greg KH @ 2007-08-14 7:29 UTC (permalink / raw) To: linux-kernel, stable, linuxppc-dev list Cc: Theodore Ts'o, Zwane Mwaikambo, Justin Forbes, Domenico Andreoli, Chris Wedgwood, Paul Mackerras, Randy Dunlap, Michael Krufky, Chuck Ebbert, Dave Jones, Chuck Wolber, akpm, torvalds, alan -stable review patch. If anyone has any objections, please let us know. ------------------ From: Benjamin Herrenschmidt <benh@kernel.crashing.org> My "slices" address space management code that was added in 2.6.22 implementation of get_unmapped_area() doesn't properly check that the size is a multiple of the requested page size. This allows userland to create VMAs that aren't a multiple of the huge page size with hugetlbfs (since hugetlbfs entirely relies on get_unmapped_area() to do that checking) which leads to a kernel BUG() when such areas are torn down. Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Paul Mackerras <paulus@samba.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> --- arch/powerpc/mm/slice.c | 2 ++ 1 file changed, 2 insertions(+) --- a/arch/powerpc/mm/slice.c +++ b/arch/powerpc/mm/slice.c @@ -405,6 +405,8 @@ unsigned long slice_get_unmapped_area(un if (len > mm->task_size) return -ENOMEM; + if (len & ((1ul << pshift) - 1)) + return -EINVAL; if (fixed && (addr & ((1ul << pshift) - 1))) return -EINVAL; if (fixed && addr > (mm->task_size - len)) -- ^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [patch 07/12] powerpc: Fix size check for hugetlbfs 2007-08-14 7:29 ` [patch 07/12] powerpc: Fix size check for hugetlbfs Greg KH @ 2007-08-14 7:56 ` David Gibson 0 siblings, 0 replies; 2+ messages in thread From: David Gibson @ 2007-08-14 7:56 UTC (permalink / raw) To: Greg KH Cc: Theodore Ts'o, Zwane Mwaikambo, torvalds, Justin Forbes, linux-kernel, Chris Wedgwood, Domenico Andreoli, linuxppc-dev list, Randy Dunlap, Paul Mackerras, Chuck Ebbert, Dave Jones, Michael Krufky, akpm, Chuck Wolber, stable, alan On Tue, Aug 14, 2007 at 12:29:18AM -0700, Greg KH wrote: > -stable review patch. If anyone has any objections, please let us know. > > ------------------ > From: Benjamin Herrenschmidt <benh@kernel.crashing.org> > > My "slices" address space management code that was added in 2.6.22 > implementation of get_unmapped_area() doesn't properly check that the > size is a multiple of the requested page size. This allows userland to > create VMAs that aren't a multiple of the huge page size with hugetlbfs > (since hugetlbfs entirely relies on get_unmapped_area() to do that > checking) which leads to a kernel BUG() when such areas are torn down. > > Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> > Signed-off-by: Paul Mackerras <paulus@samba.org> > Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> Acked-by: David Gibson <david@gibson.dropbear.id.au> -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2007-08-14 7:56 UTC | newest] Thread overview: 2+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- [not found] <20070814072244.882283903@mini.kroah.org> [not found] ` <20070814072813.GA15025@kroah.com> 2007-08-14 7:29 ` [patch 07/12] powerpc: Fix size check for hugetlbfs Greg KH 2007-08-14 7:56 ` David Gibson
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).