diff options
author | Ralph Campbell <rcampbell@nvidia.com> | 2019-08-23 15:17:52 -0700 |
---|---|---|
committer | Jason Gunthorpe <jgg@mellanox.com> | 2019-08-27 19:27:07 -0300 |
commit | 6c64f2bbe79cf3b770ac60ae79442322bd76d55e (patch) | |
tree | 79acd2366e34348b704a425f07b34e55ebd1ce40 /mm/page_idle.c | |
parent | e3fe8e555dd05cf74168d18555c44320ed50a0e1 (diff) |
mm/hmm: hmm_range_fault() NULL pointer bug
Although hmm_range_fault() calls find_vma() to make sure that a vma exists
before calling walk_page_range(), hmm_vma_walk_hole() can still be called
with walk->vma == NULL if the start and end address are not contained
within the vma range.
hmm_range_fault() /* calls find_vma() but no range check */
walk_page_range() /* calls find_vma(), sets walk->vma = NULL */
__walk_page_range()
walk_pgd_range()
walk_p4d_range()
walk_pud_range()
hmm_vma_walk_hole()
hmm_vma_walk_hole_()
hmm_vma_do_fault()
handle_mm_fault(vma=0)
Link: https://lore.kernel.org/r/20190823221753.2514-2-rcampbell@nvidia.com
Signed-off-by: Ralph Campbell <rcampbell@nvidia.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
Diffstat (limited to 'mm/page_idle.c')
0 files changed, 0 insertions, 0 deletions