	 31b4beb473
			
		
	
	
		
	
	
	
	
		
			
Commit c01d5b3007 ("shmem: get_unmapped_area align huge page") makes use of shm_get_unmapped_area() in shm_file_operations() unconditional to CONFIG_MMU.

As Tony Battersby pointed out, this can lead to a NULL-pointer dereference on a machine with CONFIG_MMU=y and CONFIG_SHMEM=n. In this case ipc/shm is backed by ramfs, which doesn't provide f_op->get_unmapped_area for configurations with MMU.

The solution is to provide a dummy f_op->get_unmapped_area for ramfs when CONFIG_MMU=y, which just calls current->mm->get_unmapped_area().

Fixes: c01d5b3007 ("shmem: get_unmapped_area align huge page")
Link: http://lkml.kernel.org/r/20160912102704.140442-1-kirill.shutemov@linux.intel.com
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Tony Battersby <tonyb@cybernetics.com>
Tested-by: Tony Battersby <tonyb@cybernetics.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: <stable@vger.kernel.org> [4.7.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
		
			
				
	
	
		
		
	
	
	
	
	
| /* file-mmu.c: ramfs MMU-based file operations
 | |
|  *
 | |
|  * Resizable simple ram filesystem for Linux.
 | |
|  *
 | |
|  * Copyright (C) 2000 Linus Torvalds.
 | |
|  *               2000 Transmeta Corp.
 | |
|  *
 | |
|  * Usage limits added by David Gibson, Linuxcare Australia.
 | |
|  * This file is released under the GPL.
 | |
|  */
 | |
| 
 | |
| /*
 | |
|  * NOTE! This filesystem is probably most useful
 | |
|  * not as a real filesystem, but as an example of
 | |
|  * how virtual filesystems can be written.
 | |
|  *
 | |
|  * It doesn't get much simpler than this. Consider
 | |
|  * that this file implements the full semantics of
 | |
|  * a POSIX-compliant read-write filesystem.
 | |
|  *
 | |
|  * Note in particular how the filesystem does not
 | |
|  * need to implement any data structures of its own
 | |
|  * to keep track of the virtual data: using the VFS
 | |
|  * caches is sufficient.
 | |
|  */
 | |
| 
 | |
| #include <linux/fs.h>
 | |
| #include <linux/mm.h>
 | |
| #include <linux/ramfs.h>
 | |
| #include <linux/sched.h>
 | |
| 
 | |
| #include "internal.h"
 | |
| 
 | |
/*
 * ramfs_mmu_get_unmapped_area - ->get_unmapped_area hook for ramfs files.
 * @file:  file being mapped, passed through untouched
 * @addr:  address hint, passed through untouched
 * @len:   length of the requested mapping, passed through untouched
 * @pgoff: page offset into the file, passed through untouched
 * @flags: mapping flags, passed through untouched
 *
 * A pure pass-through: every argument is handed to the calling task's
 * mm->get_unmapped_area() and that call's result is returned as-is.
 * The function exists so that ramfs_file_operations has a non-NULL
 * ->get_unmapped_area; it applies no ramfs-specific placement policy.
 *
 * NOTE(review): current->mm is dereferenced without a NULL check.
 * Presumably this hook is only reached from a task that has an address
 * space (an mmap-style path) -- confirm against the callers.
 */
static unsigned long ramfs_mmu_get_unmapped_area(struct file *file,
		unsigned long addr, unsigned long len, unsigned long pgoff,
		unsigned long flags)
{
	struct mm_struct *mm = current->mm;

	return mm->get_unmapped_area(file, addr, len, pgoff, flags);
}
 | |
| 
 | |
/*
 * File operations for ramfs files (this is the MMU variant, per the file
 * header). Every hook except ->get_unmapped_area points at a helper
 * defined outside this file.
 */
const struct file_operations ramfs_file_operations = {
	/* Seeking, read/write and splice use the generic helpers. */
	.llseek			= generic_file_llseek,
	.read_iter		= generic_file_read_iter,
	.write_iter		= generic_file_write_iter,
	.splice_read		= generic_file_splice_read,
	.splice_write		= iter_file_splice_write,

	/* presumably nothing to write back for a RAM-only filesystem */
	.fsync			= noop_fsync,

	.mmap			= generic_file_mmap,

	/*
	 * Keep this hook populated. According to the commit that added it,
	 * ipc/shm invokes f_op->get_unmapped_area unconditionally when
	 * CONFIG_MMU=y and is backed by ramfs when CONFIG_SHMEM=n, so a
	 * missing hook here meant a NULL-pointer dereference.
	 */
	.get_unmapped_area	= ramfs_mmu_get_unmapped_area,
};
 | |
| 
 | |
/*
 * Inode operations for ramfs files: attribute reads and updates are both
 * delegated to the simple_*attr helpers defined outside this file.
 */
const struct inode_operations ramfs_file_inode_operations = {
	.getattr	= simple_getattr,
	.setattr	= simple_setattr,
};
 |