* [PATCH] [UIO] Take offset into account when determining number of pages that can be mapped
@ 2009-02-24 17:22 Ian Abbott
0 siblings, 0 replies; only message in thread
From: Ian Abbott @ 2009-02-24 17:22 UTC (permalink / raw)
To: linux-kernel; +Cc: Hans J. Koch, Greg Kroah-Hartman
From: Ian Abbott <abbotti@mev.co.uk>
If a UIO memory region does not start on a page boundary but straddles one,
the number of actual pages that overlap the memory region may be calculated
incorrectly because the offset isn't taken into account. If userspace sets
the mmap length to offset+size, it may fail with -EINVAL if UIO thinks it's
trying to allocate too many pages.
Signed-off-by: Ian Abbott <abbotti@mev.co.uk>
---
diff -urp linux-2.6.29-rc6/drivers/uio/uio.c linux-2.6.29-rc6.new/drivers/uio/uio.c
--- linux-2.6.29-rc6/drivers/uio/uio.c 2009-02-24 16:37:07.000000000 +0000
+++ linux-2.6.29-rc6.new/drivers/uio/uio.c 2009-02-24 16:43:16.000000000 +0000
@@ -686,7 +686,8 @@ static int uio_mmap(struct file *filep,
return -EINVAL;
requested_pages = (vma->vm_end - vma->vm_start) >> PAGE_SHIFT;
- actual_pages = (idev->info->mem[mi].size + PAGE_SIZE -1) >> PAGE_SHIFT;
+ actual_pages = ((idev->info->mem[mi].addr & ~PAGE_MASK)
+ + idev->info->mem[mi].size + PAGE_SIZE -1) >> PAGE_SHIFT;
if (requested_pages > actual_pages)
return -EINVAL;
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-02-24 17:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-24 17:22 [PATCH] [UIO] Take offset into account when determining number of pages that can be mapped Ian Abbott
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox