mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-28 21:33:52 +00:00
mm/mprotect: fix do_mprotect_pkey() limit check
commit77795f900e
upstream. The return of do_mprotect_pkey() can still be incorrectly returned as success if there is a gap that spans to or beyond the end address passed in. Update the check to ensure that the end address has indeed been seen. Link: https://lore.kernel.org/all/CABi2SkXjN+5iFoBhxk71t3cmunTk-s=rB4T7qo0UQRh17s49PQ@mail.gmail.com/ Link: https://lkml.kernel.org/r/20230606182912.586576-1-Liam.Howlett@oracle.com Fixes:82f951340f
("mm/mprotect: fix do_mprotect_pkey() return on error") Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com> Reported-by: Jeff Xu <jeffxu@chromium.org> Reviewed-by: Lorenzo Stoakes <lstoakes@gmail.com> Acked-by: David Hildenbrand <david@redhat.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
c189994b5d
commit
b6e15f5940
1 changed files with 1 additions and 1 deletions
|
@ -838,7 +838,7 @@ static int do_mprotect_pkey(unsigned long start, size_t len,
|
|||
}
|
||||
tlb_finish_mmu(&tlb);
|
||||
|
||||
if (!error && vma_iter_end(&vmi) < end)
|
||||
if (!error && tmp < end)
|
||||
error = -ENOMEM;
|
||||
|
||||
out:
|
||||
|
|
Loading…
Reference in a new issue