kernel_optimize_test/mm
Linus Torvalds 982134ba62 mm: avoid wrapping vm_pgoff in mremap()
The normal mmap paths all avoid creating a mapping where the pgoff
inside the mapping could wrap around due to overflow.  However, an
expanding mremap() can take such a non-wrapping mapping and make it
bigger and cause a wrapping condition.

Noticed by Robert Swiecki when running a system call fuzzer, where it
caused a BUG_ON() due to terminally confusing the vma_prio_tree code.  A
vma dumping patch by Hugh then pinpointed the crazy wrapped case.

Reported-and-tested-by: Robert Swiecki <robert@swiecki.net>
Acked-by: Hugh Dickins <hughd@google.com>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-04-07 07:35:51 -07:00
..
backing-dev.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2011-03-24 19:01:30 -07:00
bootmem.c crash_dump: export is_kdump_kernel to modules, consolidate elfcorehdr_addr, setup_elfcorehdr and saved_max_pfn 2011-03-23 19:47:19 -07:00
bounce.c
compaction.c mm: compaction: minimise the time IRQs are disabled while isolating pages for migration 2011-03-22 17:44:05 -07:00
debug-pagealloc.c
dmapool.c
fadvise.c
failslab.c
filemap_xip.c
filemap.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2011-03-24 19:01:30 -07:00
fremap.c
highmem.c
huge_memory.c mm: use __GFP_OTHER_NODE for transparent huge pages 2011-03-22 17:44:05 -07:00
hugetlb.c hugetlbfs: correct handling of negative input to /proc/sys/vm/nr_hugepages 2011-03-22 17:44:04 -07:00
hwpoison-inject.c
init-mm.c
internal.h mm: export __get_user_pages 2011-03-17 13:08:27 -03:00
Kconfig
Kconfig.debug mm: debug-pagealloc: fix kconfig dependency warning 2011-03-22 17:44:02 -07:00
kmemcheck.c
kmemleak-test.c
kmemleak.c
ksm.c mm: rename drop_anon_vma() to put_anon_vma() 2011-03-22 17:44:03 -07:00
maccess.c
madvise.c
Makefile
memblock.c mm/memblock: properly handle overlaps and fix error path 2011-03-22 17:44:09 -07:00
memcontrol.c memcg: fix leak on wrong LRU with FUSE 2011-03-23 19:46:33 -07:00
memory_hotplug.c
memory-failure.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
memory.c mm: fix memory.c incorrect kernel-doc 2011-03-27 19:30:18 -07:00
mempolicy.c mempolicy: remove redundant check in __mpol_equal() 2011-03-22 17:44:04 -07:00
mempool.c
migrate.c memcg: fix ugly initialization of return value is in caller 2011-03-23 19:46:22 -07:00
mincore.c
mlock.c mm: arch: make get_gate_vma take an mm_struct instead of a task_struct 2011-03-23 16:36:54 -04:00
mm_init.c
mmap.c
mmu_context.c
mmu_notifier.c
mmzone.c
mprotect.c
mremap.c mm: avoid wrapping vm_pgoff in mremap() 2011-04-07 07:35:51 -07:00
msync.c
nobootmem.c crash_dump: export is_kdump_kernel to modules, consolidate elfcorehdr_addr, setup_elfcorehdr and saved_max_pfn 2011-03-23 19:47:19 -07:00
nommu.c NOMMU: implement access_remote_vm 2011-03-29 14:05:12 +01:00
oom_kill.c lib, arch: add filter argument to show_mem and fix private implementations 2011-03-24 17:49:37 -07:00
page_alloc.c lib, arch: add filter argument to show_mem and fix private implementations 2011-03-24 17:49:37 -07:00
page_cgroup.c memcg: page_cgroup array is never stored on reserved pages 2011-03-23 19:46:33 -07:00
page_io.c
page_isolation.c
page-writeback.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
pagewalk.c pagewalk: only split huge pages when necessary 2011-03-22 17:44:04 -07:00
percpu-km.c
percpu-vm.c
percpu.c NOMMU: percpu should use is_vmalloc_addr(). 2011-03-28 12:53:29 +01:00
pgtable-generic.c
prio_tree.c
quicklist.c
readahead.c
rmap.c fs: move i_wb_list out from under inode_lock 2011-03-24 21:17:51 -04:00
shmem.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
slab.c mm: notifier_from_errno() cleanup 2011-03-22 17:44:01 -07:00
slob.c
slub.c SLUB: Write to per cpu data when allocating it 2011-03-24 21:53:07 +02:00
sparse-vmemmap.c
sparse.c
swap_state.c
swap.c mm: simplify code of swap.c 2011-03-22 17:44:09 -07:00
swapfile.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
thrash.c
truncate.c mm: deactivate invalidated pages 2011-03-22 17:44:03 -07:00
util.c
vmalloc.c vmalloc: remove confusing comment on vwrite() 2011-03-22 17:44:09 -07:00
vmscan.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
vmstat.c mm: add __GFP_OTHER_NODE flag 2011-03-22 17:44:05 -07:00