diff options
author | Chris Wright <chrisw@osdl.org> | 2005-05-01 11:58:38 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-05-01 11:58:38 -0400 |
commit | 93ea1d0a12623dc1a693642b5758261f35f9bf96 (patch) | |
tree | 4938d87a7d269f7b3e53328d02eac259cb93515a | |
parent | edfbe2b0038723e5699ab22695ccd62b5542a5c1 (diff) |
[PATCH] RLIMIT_MEMLOCK checking fix
Always use page counts when doing RLIMIT_MEMLOCK checking to avoid possible
overflow.
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | mm/mmap.c | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -937,9 +937,10 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr, | |||
937 | /* mlock MCL_FUTURE? */ | 937 | /* mlock MCL_FUTURE? */ |
938 | if (vm_flags & VM_LOCKED) { | 938 | if (vm_flags & VM_LOCKED) { |
939 | unsigned long locked, lock_limit; | 939 | unsigned long locked, lock_limit; |
940 | locked = mm->locked_vm << PAGE_SHIFT; | 940 | locked = len >> PAGE_SHIFT; |
941 | locked += mm->locked_vm; | ||
941 | lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; | 942 | lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; |
942 | locked += len; | 943 | lock_limit >>= PAGE_SHIFT; |
943 | if (locked > lock_limit && !capable(CAP_IPC_LOCK)) | 944 | if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
944 | return -EAGAIN; | 945 | return -EAGAIN; |
945 | } | 946 | } |
@@ -1822,9 +1823,10 @@ unsigned long do_brk(unsigned long addr, unsigned long len) | |||
1822 | */ | 1823 | */ |
1823 | if (mm->def_flags & VM_LOCKED) { | 1824 | if (mm->def_flags & VM_LOCKED) { |
1824 | unsigned long locked, lock_limit; | 1825 | unsigned long locked, lock_limit; |
1825 | locked = mm->locked_vm << PAGE_SHIFT; | 1826 | locked = len >> PAGE_SHIFT; |
1827 | locked += mm->locked_vm; | ||
1826 | lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; | 1828 | lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur; |
1827 | locked += len; | 1829 | lock_limit >>= PAGE_SHIFT; |
1828 | if (locked > lock_limit && !capable(CAP_IPC_LOCK)) | 1830 | if (locked > lock_limit && !capable(CAP_IPC_LOCK)) |
1829 | return -EAGAIN; | 1831 | return -EAGAIN; |
1830 | } | 1832 | } |