summaryrefslogtreecommitdiff
path: root/mm/mmap.c
diff options
context:
space:
mode:
authorLiam Howlett <liam.howlett@oracle.com>2022-10-25 16:12:49 +0000
committerAndrew Morton <akpm@linux-foundation.org>2022-10-28 13:37:23 -0700
commit1db43d3f3733351849ddca4b573c037c7821bfd8 (patch)
tree3e21ddbce2216c7719f737f47e05574fff1d4960 /mm/mmap.c
parent5dc21f0c0b1c02ea2c9014cbe7cd3b28884ff306 (diff)
downloadlwn-1db43d3f3733351849ddca4b573c037c7821bfd8.tar.gz
lwn-1db43d3f3733351849ddca4b573c037c7821bfd8.zip
mmap: fix remap_file_pages() regression
When using the VMA iterator, the final execution will set the variable 'next' to NULL which causes the function to fail out. Restore the break in the loop to exit the VMA iterator early without clearing NULL fixes the issue. Link: https://lore.kernel.org/lkml/29344.1666681759@jrobl/ Link: https://lkml.kernel.org/r/20221025161222.2634030-1-Liam.Howlett@oracle.com Fixes: 763ecb035029 (mm: remove the vma linked list) Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com> Reported-by: "J. R. Okajima" <hooanon05g@gmail.com> Tested-by: "J. R. Okajima" <hooanon05g@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Diffstat (limited to 'mm/mmap.c')
-rw-r--r--mm/mmap.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/mm/mmap.c b/mm/mmap.c
index e270057ed04e..2def55555e05 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -2852,6 +2852,9 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
if (next->vm_flags != vma->vm_flags)
goto out;
+ if (start + size <= next->vm_end)
+ break;
+
prev = next;
}