diff options
Diffstat (limited to 'mm/nommu.c')
| -rw-r--r-- | mm/nommu.c | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/mm/nommu.c b/mm/nommu.c index 8bdde9508f..23fb033e59 100644 --- a/mm/nommu.c +++ b/mm/nommu.c | |||
| @@ -497,15 +497,17 @@ static int validate_mmap_request(struct file *file, | |||
| 497 | (flags & MAP_TYPE) != MAP_SHARED) | 497 | (flags & MAP_TYPE) != MAP_SHARED) |
| 498 | return -EINVAL; | 498 | return -EINVAL; |
| 499 | 499 | ||
| 500 | if (PAGE_ALIGN(len) == 0) | 500 | if (!len) |
| 501 | return addr; | ||
| 502 | |||
| 503 | if (len > TASK_SIZE) | ||
| 504 | return -EINVAL; | 501 | return -EINVAL; |
| 505 | 502 | ||
| 503 | /* Careful about overflows.. */ | ||
| 504 | len = PAGE_ALIGN(len); | ||
| 505 | if (!len || len > TASK_SIZE) | ||
| 506 | return -ENOMEM; | ||
| 507 | |||
| 506 | /* offset overflow? */ | 508 | /* offset overflow? */ |
| 507 | if ((pgoff + (len >> PAGE_SHIFT)) < pgoff) | 509 | if ((pgoff + (len >> PAGE_SHIFT)) < pgoff) |
| 508 | return -EINVAL; | 510 | return -EOVERFLOW; |
| 509 | 511 | ||
| 510 | if (file) { | 512 | if (file) { |
| 511 | /* validate file mapping requests */ | 513 | /* validate file mapping requests */ |
| @@ -521,7 +523,7 @@ static int validate_mmap_request(struct file *file, | |||
| 521 | */ | 523 | */ |
| 522 | mapping = file->f_mapping; | 524 | mapping = file->f_mapping; |
| 523 | if (!mapping) | 525 | if (!mapping) |
| 524 | mapping = file->f_dentry->d_inode->i_mapping; | 526 | mapping = file->f_path.dentry->d_inode->i_mapping; |
| 525 | 527 | ||
| 526 | capabilities = 0; | 528 | capabilities = 0; |
| 527 | if (mapping && mapping->backing_dev_info) | 529 | if (mapping && mapping->backing_dev_info) |
| @@ -530,7 +532,7 @@ static int validate_mmap_request(struct file *file, | |||
| 530 | if (!capabilities) { | 532 | if (!capabilities) { |
| 531 | /* no explicit capabilities set, so assume some | 533 | /* no explicit capabilities set, so assume some |
| 532 | * defaults */ | 534 | * defaults */ |
| 533 | switch (file->f_dentry->d_inode->i_mode & S_IFMT) { | 535 | switch (file->f_path.dentry->d_inode->i_mode & S_IFMT) { |
| 534 | case S_IFREG: | 536 | case S_IFREG: |
| 535 | case S_IFBLK: | 537 | case S_IFBLK: |
| 536 | capabilities = BDI_CAP_MAP_COPY; | 538 | capabilities = BDI_CAP_MAP_COPY; |
| @@ -561,11 +563,11 @@ static int validate_mmap_request(struct file *file, | |||
| 561 | !(file->f_mode & FMODE_WRITE)) | 563 | !(file->f_mode & FMODE_WRITE)) |
| 562 | return -EACCES; | 564 | return -EACCES; |
| 563 | 565 | ||
| 564 | if (IS_APPEND(file->f_dentry->d_inode) && | 566 | if (IS_APPEND(file->f_path.dentry->d_inode) && |
| 565 | (file->f_mode & FMODE_WRITE)) | 567 | (file->f_mode & FMODE_WRITE)) |
| 566 | return -EACCES; | 568 | return -EACCES; |
| 567 | 569 | ||
| 568 | if (locks_verify_locked(file->f_dentry->d_inode)) | 570 | if (locks_verify_locked(file->f_path.dentry->d_inode)) |
| 569 | return -EAGAIN; | 571 | return -EAGAIN; |
| 570 | 572 | ||
| 571 | if (!(capabilities & BDI_CAP_MAP_DIRECT)) | 573 | if (!(capabilities & BDI_CAP_MAP_DIRECT)) |
| @@ -596,7 +598,7 @@ static int validate_mmap_request(struct file *file, | |||
| 596 | 598 | ||
| 597 | /* handle executable mappings and implied executable | 599 | /* handle executable mappings and implied executable |
| 598 | * mappings */ | 600 | * mappings */ |
| 599 | if (file->f_vfsmnt->mnt_flags & MNT_NOEXEC) { | 601 | if (file->f_path.mnt->mnt_flags & MNT_NOEXEC) { |
| 600 | if (prot & PROT_EXEC) | 602 | if (prot & PROT_EXEC) |
| 601 | return -EPERM; | 603 | return -EPERM; |
| 602 | } | 604 | } |
| @@ -806,10 +808,9 @@ unsigned long do_mmap_pgoff(struct file *file, | |||
| 806 | vm_flags = determine_vm_flags(file, prot, flags, capabilities); | 808 | vm_flags = determine_vm_flags(file, prot, flags, capabilities); |
| 807 | 809 | ||
| 808 | /* we're going to need to record the mapping if it works */ | 810 | /* we're going to need to record the mapping if it works */ |
| 809 | vml = kmalloc(sizeof(struct vm_list_struct), GFP_KERNEL); | 811 | vml = kzalloc(sizeof(struct vm_list_struct), GFP_KERNEL); |
| 810 | if (!vml) | 812 | if (!vml) |
| 811 | goto error_getting_vml; | 813 | goto error_getting_vml; |
| 812 | memset(vml, 0, sizeof(*vml)); | ||
| 813 | 814 | ||
| 814 | down_write(&nommu_vma_sem); | 815 | down_write(&nommu_vma_sem); |
| 815 | 816 | ||
| @@ -832,7 +833,7 @@ unsigned long do_mmap_pgoff(struct file *file, | |||
| 832 | continue; | 833 | continue; |
| 833 | 834 | ||
| 834 | /* search for overlapping mappings on the same file */ | 835 | /* search for overlapping mappings on the same file */ |
| 835 | if (vma->vm_file->f_dentry->d_inode != file->f_dentry->d_inode) | 836 | if (vma->vm_file->f_path.dentry->d_inode != file->f_path.dentry->d_inode) |
| 836 | continue; | 837 | continue; |
| 837 | 838 | ||
| 838 | if (vma->vm_pgoff >= pgoff + pglen) | 839 | if (vma->vm_pgoff >= pgoff + pglen) |
| @@ -885,11 +886,10 @@ unsigned long do_mmap_pgoff(struct file *file, | |||
| 885 | } | 886 | } |
| 886 | 887 | ||
| 887 | /* we're going to need a VMA struct as well */ | 888 | /* we're going to need a VMA struct as well */ |
| 888 | vma = kmalloc(sizeof(struct vm_area_struct), GFP_KERNEL); | 889 | vma = kzalloc(sizeof(struct vm_area_struct), GFP_KERNEL); |
| 889 | if (!vma) | 890 | if (!vma) |
| 890 | goto error_getting_vma; | 891 | goto error_getting_vma; |
| 891 | 892 | ||
| 892 | memset(vma, 0, sizeof(*vma)); | ||
| 893 | INIT_LIST_HEAD(&vma->anon_vma_node); | 893 | INIT_LIST_HEAD(&vma->anon_vma_node); |
| 894 | atomic_set(&vma->vm_usage, 1); | 894 | atomic_set(&vma->vm_usage, 1); |
| 895 | if (file) | 895 | if (file) |