From: Hugh Dickins Date: Sat, 25 Jun 2005 21:54:33 +0000 (-0700) Subject: [PATCH] mm: fix remap_pte_range BUG X-Git-Tag: firefly_0821_release~42711^2~278 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=2d15cab85b85a56cc886037cab43cc292923ff22;p=firefly-linux-kernel-4.4.55.git [PATCH] mm: fix remap_pte_range BUG Out-of-tree user of remap_pfn_range hit kernel BUG at mm/memory.c:1112! It passes an unrounded size to remap_pfn_range, which was okay before 2.6.12, but misses remap_pte_range's new end condition. An audit of all the other ptwalks confirms that this is the only one so exposed. Signed-off-by: Hugh Dickins Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/mm/memory.c b/mm/memory.c index c256175742ac..beabdefa6254 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -1139,7 +1139,7 @@ int remap_pfn_range(struct vm_area_struct *vma, unsigned long addr, { pgd_t *pgd; unsigned long next; - unsigned long end = addr + size; + unsigned long end = addr + PAGE_ALIGN(size); struct mm_struct *mm = vma->vm_mm; int err;