author | David Gibson <david@gibson.dropbear.id.au> | 2005-11-29 22:34:32 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-11-29 22:47:03 -0500 |
commit | 5bd0190bf3d7e53043a048e809ffa29d41b9d6ac (patch) | |
tree | c6fba8d5a532ecfa53dc97a3841d13d972964854 /kernel | |
parent | df69a60dc6afc2936d79054d30b481c1fd9720e5 (diff) |
[PATCH] Fix crash when ptrace poking hugepage areas
set_page_dirty() will not cope with being handed a page * which is part of
a compound page, but not the master page in that compound page. This case
can occur via access_process_vm() if you attempt to write to another
process's hugepage memory area using ptrace() (causing an oops or hang).
This patch fixes the bug by only calling set_page_dirty() from
access_process_vm() if the page is not a compound page. We already use a
similar fix in bio_set_pages_dirty() for the case of direct io to
hugepages.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: William Irwin <wli@holomorphy.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/ptrace.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/kernel/ptrace.c b/kernel/ptrace.c index 17ee7e5a3451..656476eedb1b 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c | |||
@@ -241,7 +241,8 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, in | |||
241 | if (write) { | 241 | if (write) { |
242 | copy_to_user_page(vma, page, addr, | 242 | copy_to_user_page(vma, page, addr, |
243 | maddr + offset, buf, bytes); | 243 | maddr + offset, buf, bytes); |
244 | set_page_dirty_lock(page); | 244 | if (!PageCompound(page)) |
245 | set_page_dirty_lock(page); | ||
245 | } else { | 246 | } else { |
246 | copy_from_user_page(vma, page, addr, | 247 | copy_from_user_page(vma, page, addr, |
247 | buf, maddr + offset, bytes); | 248 | buf, maddr + offset, bytes); |
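Review bot: The new guard `if (!PageCompound(page))` in the write branch of access_process_vm() carries no comment, so a later reader cannot tell why set_page_dirty_lock() is skipped here. The check is also broader than the failure the commit message describes: it skips the head ("master") page of a compound page as well as the tail pages, so a compound page written through this path is never marked dirty. If that is intended, a short comment above the test should say so and point to the matching workaround in bio_set_pages_dirty(), so that both sites are found and updated together once set_page_dirty() can accept a non-head page.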