[PATCH] [UIO] Take offset into account when determining number ofpages that can be mapped

From: Ian Abbott
Date: Tue Feb 24 2009 - 12:33:09 EST

Next message: Christoph Lameter: "Re: [PATCH 06/19] Check only once if the zonelist is suitable forthe allocation"
Previous message: Linus Torvalds: "Re: Another Performance Regression in write() syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Ian Abbott <abbotti@xxxxxxxxx>

If a UIO memory region does not start on a page boundary but straddles one,
the number of actual pages that overlap the memory region may be calculated
incorrectly because the offset isn't taken into account. If userspace sets
the mmap length to offset+size, it may fail with -EINVAL if UIO thinks it's
trying to allocate too many pages.

Signed-off-by: Ian Abbott <abbotti@xxxxxxxxx>
---
diff -urp linux-2.6.29-rc6/drivers/uio/uio.c linux-2.6.29-rc6.new/drivers/uio/uio.c
--- linux-2.6.29-rc6/drivers/uio/uio.c 2009-02-24 16:37:07.000000000 +0000
+++ linux-2.6.29-rc6.new/drivers/uio/uio.c 2009-02-24 16:43:16.000000000 +0000
@@ -686,7 +686,8 @@ static int uio_mmap(struct file *filep,
return -EINVAL;

requested_pages = (vma->vm_end - vma->vm_start) >> PAGE_SHIFT;
- actual_pages = (idev->info->mem[mi].size + PAGE_SIZE -1) >> PAGE_SHIFT;
+ actual_pages = ((idev->info->mem[mi].addr & ~PAGE_MASK)
+ + idev->info->mem[mi].size + PAGE_SIZE -1) >> PAGE_SHIFT;
if (requested_pages > actual_pages)
return -EINVAL;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christoph Lameter: "Re: [PATCH 06/19] Check only once if the zonelist is suitable forthe allocation"
Previous message: Linus Torvalds: "Re: Another Performance Regression in write() syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]