From: Danny Feng <dfeng@redhat.com>
Date: Fri, 29 Jan 2010 09:25:32 -0500
Subject: [mm] add new vma_expandable helper function
Message-id: <20100129092544.4587.83415.sendpatchset@dhcp-65-180.nay.redhat.com>
Patchwork-id: 22988
O-Subject: [PATCH RHEL5.5 3/12 BZ556710 CVE-2010-0291] do_mremap() untangling,
part 3
Bugzilla: 556710
RH-Acked-by: Jarod Wilson <jarod@redhat.com>
RH-Acked-by: Larry Woodman <lwoodman@redhat.com>
backport of upstream commit 1a0ef85f84feb13f07b604fcf5b90ef7c2b5c82f
Subject: [PATCH] do_mremap() untangling, part 3
Take the check for being able to expand vma in place into a separate
helper.
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Acked-by: Hugh Dickins <hugh.dickins@tiscali.co.uk>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
diff --git a/mm/mremap.c b/mm/mremap.c
index b6f1a24..cdae1cf 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -349,6 +349,17 @@ out:
return ret;
}
+static int vma_expandable(struct vm_area_struct *vma, unsigned long delta)
+{
+ unsigned long max_addr = TASK_SIZE;
+ if (vma->vm_next)
+ max_addr = vma->vm_next->vm_start;
+ if (max_addr - vma->vm_end < delta)
+ return 0;
+ /* we need to do arch-specific checks here */
+ return 1;
+}
+
/*
* Expand (or shrink) an existing mapping, potentially moving it at the
* same time (controlled by the MREMAP_MAYMOVE flag and available VM space)
@@ -413,11 +424,8 @@ unsigned long do_mremap(unsigned long addr,
/* old_len exactly to the end of the area..
*/
if (old_len == vma->vm_end - addr) {
- unsigned long max_addr = TASK_SIZE;
- if (vma->vm_next)
- max_addr = vma->vm_next->vm_start;
/* can we just expand the current mapping? */
- if (max_addr - addr >= new_len) {
+ if (vma_expandable(vma, new_len - old_len)) {
int pages = (new_len - old_len) >> PAGE_SHIFT;
vma_adjust(vma, vma->vm_start,
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
27922b4260f65d317aabda37e42bbbff
>
files
>
2164
