Fix bug in __get_vm_area() alignment code

If we are still above the vma start address on the last vma, we can use addr even if it is inside the vma (i.e. addr < vma->addr + vma->size). Fix this by aligning addr past the end of the vma in this case

Fix bug in __get_vm_area() alignment code
If we are still above the vma start address on the last vma, we can use addr even if it is inside the vma (i.e. addr < vma->addr + vma->size). Fix this by aligning addr past the end of the vma in this case
65221767 · James Bottomley · James Bottomley · 31400932 · 65221767
Commit 65221767 authored Jul 08, 2004 by James Bottomley Committed by James Bottomley Jul 08, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 3 deletions

mm/vmalloc.c mm/vmalloc.c +6 -3

No files found.
--- a/mm/vmalloc.c
+++ b/mm/vmalloc.c
@@ -179,7 +179,7 @@ int map_vm_area(struct vm_struct *area, pgprot_t prot, struct page ***pages)
 	return err;
 }
-#define IOREMAP_MAX_ORDER	(3 + PAGE_SHIFT)	/* 8 pages */
+#define IOREMAP_MAX_ORDER	(7 + PAGE_SHIFT)	/* 128 pages */
 struct vm_struct *__get_vm_area(unsigned long size, unsigned long flags,
 				unsigned long start, unsigned long end)
@@ -200,7 +200,6 @@ struct vm_struct *__get_vm_area(unsigned long size, unsigned long flags,
 	}
 	addr = ALIGN(start, align);
 	area = kmalloc(sizeof(*area), GFP_KERNEL);
 	if (unlikely(!area))
 		return NULL;
@@ -216,8 +215,12 @@ struct vm_struct *__get_vm_area(unsigned long size, unsigned long flags,
 	write_lock(&vmlist_lock);
 	for (p = &vmlist; (tmp = *p) != NULL ;p = &tmp->next) {
-		if ((unsigned long)tmp->addr < addr)
+		if ((unsigned long)tmp->addr < addr) {
+			if((unsigned long)tmp->addr + tmp->size >= addr)
+				addr = ALIGN(tmp->size + 
+					     (unsigned long)tmp->addr, align);
 			continue;
+		}
 		if ((size + addr) < addr)
 			goto out;
 		if (size + addr <= (unsigned long)tmp->addr)