projects
/
platform
/
kernel
/
linux-starfive.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
54abe19
)
mm/mprotect: fix do_mprotect_pkey() limit check
author
Liam R. Howlett
<Liam.Howlett@oracle.com>
Tue, 6 Jun 2023 18:29:12 +0000
(14:29 -0400)
committer
Andrew Morton
<akpm@linux-foundation.org>
Mon, 19 Jun 2023 20:19:31 +0000
(13:19 -0700)
The return of do_mprotect_pkey() can still be incorrectly returned as
success if there is a gap that spans to or beyond the end address passed
in. Update the check to ensure that the end address has indeed been seen.
Link:
https://lore.kernel.org/all/CABi2SkXjN+5iFoBhxk71t3cmunTk-s=rB4T7qo0UQRh17s49PQ@mail.gmail.com/
Link:
https://lkml.kernel.org/r/20230606182912.586576-1-Liam.Howlett@oracle.com
Fixes: 82f951340f25 ("mm/mprotect: fix do_mprotect_pkey() return on error")
Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com>
Reported-by: Jeff Xu <jeffxu@chromium.org>
Reviewed-by: Lorenzo Stoakes <lstoakes@gmail.com>
Acked-by: David Hildenbrand <david@redhat.com>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
mm/mprotect.c
patch
|
blob
|
history
diff --git
a/mm/mprotect.c
b/mm/mprotect.c
index 92d3d3ca390a09de5f883d0b620608c3b4593aed..c59e7561698c8415ae783c100b3602c9fd03ac0f 100644
(file)
--- a/
mm/mprotect.c
+++ b/
mm/mprotect.c
@@
-867,7
+867,7
@@
static int do_mprotect_pkey(unsigned long start, size_t len,
}
tlb_finish_mmu(&tlb);
- if (!error &&
vma_iter_end(&vmi)
< end)
+ if (!error &&
tmp
< end)
error = -ENOMEM;
out: