[PATCH] uclinux: fix mmap() of directory for nommu case

I was playing with blackfin when i hit a neat bug ... doing an open() on a
directory and then passing that fd to mmap() would cause the kernel to hang

after poking into the code a bit more, i found that
mm/nommu.c:validate_mmap_request() checks the length and if it is 0, just
returns the address ... this is in stark contrast to mmu's
mm/mmap.c:do_mmap_pgoff() where it returns -EINVAL for 0 length requests ...
i then noticed that some other parts of the logic is out of date between the
two funcs, so perhaps that's the easy fix ?

Signed-off-by: Greg Ungerer <gerg@uclinux.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

1 files changed, 7 insertions, 5 deletions

diff --git a/mm/nommu.c b/mm/nommu.c
index 8bdde9508f3b..6a2a8aada401 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -497,15 +497,17 @@ static int validate_mmap_request(struct file *file,
             (flags & MAP_TYPE) != MAP_SHARED)
                 return -EINVAL;
 
-        if (PAGE_ALIGN(len) == 0)
-                return addr;
-
-        if (len > TASK_SIZE)
+        if (!len)
                 return -EINVAL;
 
+        /* Careful about overflows.. */
+        len = PAGE_ALIGN(len);
+        if (!len || len > TASK_SIZE)
+                return -ENOMEM;
+
         /* offset overflow? */
         if ((pgoff + (len >> PAGE_SHIFT)) < pgoff)
-                return -EINVAL;
+                return -EOVERFLOW;
 
         if (file) {
                 /* validate file mapping requests */