On Sat, 13 Aug 2005, Arjan van de Ven wrote:
>
> attached is the same patch but now with Steven's change made as well
Actually, the more I looked at that mmap_kmem() function, the less I liked
it. Let's get that sucker fixed better first. It's still not wonderful,
but at least now it tries to verify the whole _range_ of the mapping.
Steven, does this "alternate mmap_kmem fix" patch work for you?
Linus
----
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -261,7 +261,11 @@ static int mmap_mem(struct file * file,
static int mmap_kmem(struct file * file, struct vm_area_struct * vma)
{
- unsigned long long val;
+ unsigned long pfn, size;
+
+ /* Turn a kernel-virtual address into a physical page frame */
+ pfn = __pa((u64)vma->vm_pgoff << PAGE_SHIFT) >> PAGE_SHIFT;
+
/*
* RED-PEN: on some architectures there is more mapped memory
* than available in mem_map which pfn_valid checks
@@ -269,10 +273,14 @@ static int mmap_kmem(struct file * file,
*
* RED-PEN: vmalloc is not supported right now.
*/
- if (!pfn_valid(vma->vm_pgoff))
+ if (!pfn_valid(pfn))
return -EIO;
- val = (u64)vma->vm_pgoff << PAGE_SHIFT;
- vma->vm_pgoff = __pa(val) >> PAGE_SHIFT;
+
+ size = (vma->vm_end - vma->vm_start) >> PAGE_SHIFT;
+ if (!pfn_valid(pfn + size - 1))
+ return -EIO;
+
+ vma->vm_pgoff = pfn;
return mmap_mem(file, vma);
}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
