aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--arch/mips/kernel/linux32.c4
-rw-r--r--arch/mips/kernel/syscall.c5
2 files changed, 8 insertions, 1 deletions
diff --git a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c
index 1e8d24823d39..013bc93688e8 100644
--- a/arch/mips/kernel/linux32.c
+++ b/arch/mips/kernel/linux32.c
@@ -106,6 +106,10 @@ sys32_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
106 unsigned long error; 106 unsigned long error;
107 107
108 error = -EINVAL; 108 error = -EINVAL;
109 if (pgoff & (~PAGE_MASK >> 12))
110 goto out;
111 pgoff >>= PAGE_SHIFT-12;
112
109 if (!(flags & MAP_ANONYMOUS)) { 113 if (!(flags & MAP_ANONYMOUS)) {
110 error = -EBADF; 114 error = -EBADF;
111 file = fget(fd); 115 file = fget(fd);
diff --git a/arch/mips/kernel/syscall.c b/arch/mips/kernel/syscall.c
index 55f2bc09529c..2aeaa2fd4b32 100644
--- a/arch/mips/kernel/syscall.c
+++ b/arch/mips/kernel/syscall.c
@@ -162,7 +162,10 @@ asmlinkage unsigned long
162sys_mmap2(unsigned long addr, unsigned long len, unsigned long prot, 162sys_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
163 unsigned long flags, unsigned long fd, unsigned long pgoff) 163 unsigned long flags, unsigned long fd, unsigned long pgoff)
164{ 164{
165 return do_mmap2(addr, len, prot, flags, fd, pgoff); 165 if (pgoff & (~PAGE_MASK >> 12))
166 return -EINVAL;
167
168 return do_mmap2(addr, len, prot, flags, fd, pgoff >> (PAGE_SHIFT-12));
166} 169}
167 170
168save_static_function(sys_fork); 171save_static_function(sys_fork);