[PATCH] hugetlb fix

Patch from Rohit Seth It fixes the problem which Andrea noted in his initial review of the hugetlb code: "In short doing "addr = vma->vm_end" and then checking if vm_end + len is below vm_next->vm_start is broken, because there's no guarantee that "addr" will be a largepage aligned address. the LPAGE_ALIGN in found_addr should be dropped becaue moving the addr ahead without checking that addr+len doesn't then fall into a vma, will generate do_munmaps and in turn userspace mem corruption."

[PATCH] hugetlb fix
Patch from Rohit Seth It fixes the problem which Andrea noted in his initial review of the hugetlb code: "In short doing "addr = vma->vm_end" and then checking if vm_end + len is below vm_next->vm_start is broken, because there's no guarantee that "addr" will be a largepage aligned address. the LPAGE_ALIGN in found_addr should be dropped becaue moving the addr ahead without checking that addr+len doesn't then fall into a vma, will generate do_munmaps and in turn userspace mem corruption."
5538fdaa · Andrew Morton · Linus Torvalds · bce5aeb5 · 5538fdaa
Commit 5538fdaa authored Sep 25, 2002 by Andrew Morton Committed by Linus Torvalds Sep 25, 2002
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 2 deletions

arch/i386/kernel/sys_i386.c arch/i386/kernel/sys_i386.c +1 -2

No files found.
--- a/arch/i386/kernel/sys_i386.c
+++ b/arch/i386/kernel/sys_i386.c
@@ -272,10 +272,9 @@ get_addr(unsigned long addr, unsigned long len)
 			return -ENOMEM;
 		if (!vma || ((addr + len) < vma->vm_start))
 			goto found_addr;
-		addr = vma->vm_end;
+		addr = HPAGE_ALIGN(vma->vm_end);
 	}
 found_addr:
-	addr = HPAGE_ALIGN(addr);
 	return addr;
 }