summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndi Kleen <ak@suse.de>2006-01-03 00:07:28 +0100
committerLinus Torvalds <torvalds@g5.osdl.org>2006-01-03 02:01:42 +0100
commit8f493d797bc1fe470377adc9d8775845427e240e (patch)
tree08f4555a0064185152a51ed707e9571dbeedddc7
parent[PATCH] Avoid namespace pollution in <asm/param.h> (diff)
downloadlinux-8f493d797bc1fe470377adc9d8775845427e240e.tar.xz
linux-8f493d797bc1fe470377adc9d8775845427e240e.zip
[PATCH] Make sure interleave masks have at least one node set
Otherwise a bad mem policy system call can confuse the interleaving code into referencing undefined nodes. Originally reported by Doug Chapman I was told it's CVE-2005-3358 (one has to love these security people - they make everything sound important) Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--mm/mempolicy.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index bec88c81244e..72f402cc9c9a 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -161,6 +161,10 @@ static struct mempolicy *mpol_new(int mode, nodemask_t *nodes)
switch (mode) {
case MPOL_INTERLEAVE:
policy->v.nodes = *nodes;
+ if (nodes_weight(*nodes) == 0) {
+ kmem_cache_free(policy_cache, policy);
+ return ERR_PTR(-EINVAL);
+ }
break;
case MPOL_PREFERRED:
policy->v.preferred_node = first_node(*nodes);