summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLiam Howlett <liam.howlett@oracle.com>2022-10-25 16:12:49 +0000
committerAndrew Morton <akpm@linux-foundation.org>2022-10-28 13:37:23 -0700
commit1db43d3f3733351849ddca4b573c037c7821bfd8 (patch)
tree3e21ddbce2216c7719f737f47e05574fff1d4960
parent5dc21f0c0b1c02ea2c9014cbe7cd3b28884ff306 (diff)
mmap: fix remap_file_pages() regression
When using the VMA iterator, the final execution will set the variable 'next' to NULL which causes the function to fail out. Restore the break in the loop to exit the VMA iterator early without clearing NULL fixes the issue. Link: https://lore.kernel.org/lkml/29344.1666681759@jrobl/ Link: https://lkml.kernel.org/r/20221025161222.2634030-1-Liam.Howlett@oracle.com Fixes: 763ecb035029 (mm: remove the vma linked list) Signed-off-by: Liam R. Howlett <Liam.Howlett@oracle.com> Reported-by: "J. R. Okajima" <hooanon05g@gmail.com> Tested-by: "J. R. Okajima" <hooanon05g@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-rw-r--r--mm/mmap.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/mm/mmap.c b/mm/mmap.c
index e270057ed04e..2def55555e05 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -2852,6 +2852,9 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
if (next->vm_flags != vma->vm_flags)
goto out;
+ if (start + size <= next->vm_end)
+ break;
+
prev = next;
}