Commit a738f561 authored by Andrew Morton's avatar Andrew Morton Committed by Linus Torvalds

[PATCH] MAP_FIXED|MAP_ANON crash fix

An anonymous fixed mmap with CONFIG_HUGETLB_PAGE=y will dereference NULL.  We
recur into the pagefault handler with mmap_sem held and lock up.
parent e19690cd
...@@ -801,7 +801,7 @@ get_unmapped_area(struct file *file, unsigned long addr, unsigned long len, ...@@ -801,7 +801,7 @@ get_unmapped_area(struct file *file, unsigned long addr, unsigned long len,
return -ENOMEM; return -ENOMEM;
if (addr & ~PAGE_MASK) if (addr & ~PAGE_MASK)
return -EINVAL; return -EINVAL;
if (is_file_hugepages(file)) { if (file && is_file_hugepages(file)) {
unsigned long ret; unsigned long ret;
ret = is_aligned_hugepage_range(addr, len); ret = is_aligned_hugepage_range(addr, len);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment