From: David Howells Date: Mon, 1 Dec 2008 21:14:00 +0000 (-0800) Subject: frv: fix mmap2 error handling X-Git-Tag: firefly_0821_release~16644 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=4280e3126f641898f0ed1a931645373d3489e2a6;p=firefly-linux-kernel-4.4.55.git frv: fix mmap2 error handling Fix the error handling in sys_mmap2(). Currently, if the pgoff check fails, fput() might have to be called (which it isn't), so do the pgoff check first, before fget() is called. Signed-off-by: David Howells Reported-by: Julia Lawall Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/arch/frv/kernel/sys_frv.c b/arch/frv/kernel/sys_frv.c index 49b2cf2c38f3..baadc97f8627 100644 --- a/arch/frv/kernel/sys_frv.c +++ b/arch/frv/kernel/sys_frv.c @@ -35,22 +35,21 @@ asmlinkage long sys_mmap2(unsigned long addr, unsigned long len, int error = -EBADF; struct file * file = NULL; - flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); - if (!(flags & MAP_ANONYMOUS)) { - file = fget(fd); - if (!file) - goto out; - } - /* As with sparc32, make sure the shift for mmap2 is constant (12), no matter what PAGE_SIZE we have.... */ /* But unlike sparc32, don't just silently break if we're trying to map something we can't */ - if (pgoff & ((1<<(PAGE_SHIFT-12))-1)) + if (pgoff & ((1 << (PAGE_SHIFT - 12)) - 1)) return -EINVAL; + pgoff >>= PAGE_SHIFT - 12; - pgoff >>= (PAGE_SHIFT - 12); + flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE); + if (!(flags & MAP_ANONYMOUS)) { + file = fget(fd); + if (!file) + goto out; + } down_write(¤t->mm->mmap_sem); error = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);