summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHugh Dickins <hugh@veritas.com>2006-03-24 03:18:06 -0800
committerLinus Torvalds <torvalds@g5.osdl.org>2006-03-24 07:33:25 -0800
commitdf1e2fb540368d0f9640045235f81923fa63acb7 (patch)
treeaae81d11a102030772ab5a1a6bfa55820fbaf0da
parent38885bd4c2a4b59ddb22271d3e6c621859c76f02 (diff)
downloadlwn-df1e2fb540368d0f9640045235f81923fa63acb7.tar.gz
lwn-df1e2fb540368d0f9640045235f81923fa63acb7.zip
[PATCH] shmdt: check address alignment
SUSv3 says the shmdt() function shall fail with EINVAL if the value of shmaddr is not the data segment start address of a shared memory segment: our sys_shmdt needs to reject a shmaddr which is not page-aligned. Does it have the potential to break existing apps? Hugh says "sys_shmdt() just does the wrong (unexpected) thing with a misaligned address: it'll fail on what you might expect it to succeed on, and only succeed on what it should definitely fail on. "That is, I think it behaves as if shmaddr gets rounded up, when the only understandable behaviour would be if it rounded it down. "Which does mean you'd have to be devious to see anything but EINVAL from a misaligned shmaddr there, so it's not terribly important." Signed-off-by: Hugh Dickins <hugh@veritas.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--ipc/shm.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/ipc/shm.c b/ipc/shm.c
index 9162123a7b23..16fe2786087d 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -814,6 +814,9 @@ asmlinkage long sys_shmdt(char __user *shmaddr)
loff_t size = 0;
int retval = -EINVAL;
+ if (addr & ~PAGE_MASK)
+ return retval;
+
down_write(&mm->mmap_sem);
/*