projects / linux-2.6-block.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
x86/mm: Prevent non-MAP_FIXED mapping across DEFAULT_MAP_WINDOW border
[linux-2.6-block.git] / arch / x86 / mm / hugetlbpage.c
diff --git a/arch/x86/mm/hugetlbpage.c b/arch/x86/mm/hugetlbpage.c
index 8ae0000cbdb34d8c6db0efacc566fb3a5b78d2d3..00b296617ca436c3cea79edcbb0a94d034ee52a3 100644 (file)
--- a/arch/x86/mm/hugetlbpage.c
+++ b/arch/x86/mm/hugetlbpage.c
@@ -158,6 +158,7 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr,
        if (len > TASK_SIZE)
                return -ENOMEM;
 
+       /* No address checking. See comment at mmap_address_hint_valid() */
        if (flags & MAP_FIXED) {
                if (prepare_hugepage_range(file, addr, len))
                        return -EINVAL;
@@ -165,12 +166,16 @@ hugetlb_get_unmapped_area(struct file *file, unsigned long addr,
        }
 
        if (addr) {
-               addr = ALIGN(addr, huge_page_size(h));
+               addr &= huge_page_mask(h);
+               if (!mmap_address_hint_valid(addr, len))
+                       goto get_unmapped_area;
+
                vma = find_vma(mm, addr);
-               if (TASK_SIZE - len >= addr &&
-                   (!vma || addr + len <= vm_start_gap(vma)))
+               if (!vma || addr + len <= vm_start_gap(vma))
                        return addr;
        }
+
+get_unmapped_area:
        if (mm->get_unmapped_area == arch_get_unmapped_area)
                return hugetlb_get_unmapped_area_bottomup(file, addr, len,
                                pgoff, flags);
Linux 6.x block layer and io_uring tree(s)