summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMichel Lespinasse <walken@google.com>2013-02-23 01:32:47 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2013-02-24 02:50:11 +0100
commit41badc15cbad0350de34408c1b0c690f9df76d4b (patch)
tree2545134398b99b37259bf6412a0bb56442f120fa
parentmm: introduce VM_POPULATE flag to better deal with racy userspace programs (diff)
downloadlinux-41badc15cbad0350de34408c1b0c690f9df76d4b.tar.xz
linux-41badc15cbad0350de34408c1b0c690f9df76d4b.zip
mm: make do_mmap_pgoff return populate as a size in bytes, not as a bool
do_mmap_pgoff() rounds up the desired size to the next PAGE_SIZE multiple, however there was no equivalent code in mm_populate(), which caused issues. This could be fixed by introduced the same rounding in mm_populate(), however I think it's preferable to make do_mmap_pgoff() return populate as a size rather than as a boolean, so we don't have to duplicate the size rounding logic in mm_populate(). Signed-off-by: Michel Lespinasse <walken@google.com> Acked-by: Rik van Riel <riel@redhat.com> Tested-by: Andy Lutomirski <luto@amacapital.net> Cc: Greg Ungerer <gregungerer@westnet.com.au> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/aio.c5
-rw-r--r--include/linux/mm.h2
-rw-r--r--ipc/shm.c4
-rw-r--r--mm/mmap.c6
-rw-r--r--mm/nommu.c4
-rw-r--r--mm/util.c6
6 files changed, 13 insertions, 14 deletions
diff --git a/fs/aio.c b/fs/aio.c
index 82eec7c7b4bb..064bfbe37566 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -101,9 +101,8 @@ static int aio_setup_ring(struct kioctx *ctx)
struct aio_ring *ring;
struct aio_ring_info *info = &ctx->ring_info;
unsigned nr_events = ctx->max_reqs;
- unsigned long size;
+ unsigned long size, populate;
int nr_pages;
- bool populate;
/* Compensate for the ring buffer's head/tail overlap entry */
nr_events += 2; /* 1 is required, 2 for good luck */
@@ -150,7 +149,7 @@ static int aio_setup_ring(struct kioctx *ctx)
return -EAGAIN;
}
if (populate)
- mm_populate(info->mmap_base, info->mmap_size);
+ mm_populate(info->mmap_base, populate);
ctx->user_id = info->mmap_base;
diff --git a/include/linux/mm.h b/include/linux/mm.h
index 9a5fcdeaa3a0..95db68e34b18 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -1475,7 +1475,7 @@ extern unsigned long mmap_region(struct file *file, unsigned long addr,
unsigned long len, vm_flags_t vm_flags, unsigned long pgoff);
extern unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
unsigned long len, unsigned long prot, unsigned long flags,
- unsigned long pgoff, bool *populate);
+ unsigned long pgoff, unsigned long *populate);
extern int do_munmap(struct mm_struct *, unsigned long, size_t);
#ifdef CONFIG_MMU
diff --git a/ipc/shm.c b/ipc/shm.c
index 9f047ba69e62..be3ec9ae454e 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -971,7 +971,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr,
struct shm_file_data *sfd;
struct path path;
fmode_t f_mode;
- bool populate = false;
+ unsigned long populate = 0;
err = -EINVAL;
if (shmid < 0)
@@ -1078,7 +1078,7 @@ long do_shmat(int shmid, char __user *shmaddr, int shmflg, ulong *raddr,
invalid:
up_write(&current->mm->mmap_sem);
if (populate)
- mm_populate(addr, size);
+ mm_populate(addr, populate);
out_fput:
fput(file);
diff --git a/mm/mmap.c b/mm/mmap.c
index 39a3944e1658..44bb4d869884 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -1163,13 +1163,13 @@ static inline unsigned long round_hint_to_min(unsigned long hint)
unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
unsigned long len, unsigned long prot,
unsigned long flags, unsigned long pgoff,
- bool *populate)
+ unsigned long *populate)
{
struct mm_struct * mm = current->mm;
struct inode *inode;
vm_flags_t vm_flags;
- *populate = false;
+ *populate = 0;
/*
* Does the application expect PROT_READ to imply PROT_EXEC?
@@ -1307,7 +1307,7 @@ unsigned long do_mmap_pgoff(struct file *file, unsigned long addr,
addr = mmap_region(file, addr, len, vm_flags, pgoff);
if (!IS_ERR_VALUE(addr) && (vm_flags & VM_POPULATE))
- *populate = true;
+ *populate = len;
return addr;
}
diff --git a/mm/nommu.c b/mm/nommu.c
index 7296a5a280e7..18c1b932e2c4 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -1251,7 +1251,7 @@ unsigned long do_mmap_pgoff(struct file *file,
unsigned long prot,
unsigned long flags,
unsigned long pgoff,
- bool *populate)
+ unsigned long *populate)
{
struct vm_area_struct *vma;
struct vm_region *region;
@@ -1261,7 +1261,7 @@ unsigned long do_mmap_pgoff(struct file *file,
kenter(",%lx,%lx,%lx,%lx,%lx", addr, len, prot, flags, pgoff);
- *populate = false;
+ *populate = 0;
/* decide whether we should attempt the mapping, and if so what sort of
* mapping */
diff --git a/mm/util.c b/mm/util.c
index 13467e043e9e..3704bf1bef94 100644
--- a/mm/util.c
+++ b/mm/util.c
@@ -355,7 +355,7 @@ unsigned long vm_mmap_pgoff(struct file *file, unsigned long addr,
{
unsigned long ret;
struct mm_struct *mm = current->mm;
- bool populate;
+ unsigned long populate;
ret = security_mmap_file(file, prot, flag);
if (!ret) {
@@ -363,8 +363,8 @@ unsigned long vm_mmap_pgoff(struct file *file, unsigned long addr,
ret = do_mmap_pgoff(file, addr, len, prot, flag, pgoff,
&populate);
up_write(&mm->mmap_sem);
- if (!IS_ERR_VALUE(ret) && populate)
- mm_populate(ret, len);
+ if (populate)
+ mm_populate(ret, populate);
}
return ret;
}