From: Hugh Dickins Date: Sat, 25 Jun 2005 21:54:33 +0000 (-0700) Subject: [PATCH] mm: fix remap_pte_range BUG X-Git-Tag: v2.6.13-rc1~68^2~226 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2d15cab85b85a56cc886037cab43cc292923ff22;p=linux-2.6 [PATCH] mm: fix remap_pte_range BUG Out-of-tree user of remap_pfn_range hit kernel BUG at mm/memory.c:1112! It passes an unrounded size to remap_pfn_range, which was okay before 2.6.12, but misses remap_pte_range's new end condition. An audit of all the other ptwalks confirms that this is the only one so exposed. Signed-off-by: Hugh Dickins Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/mm/memory.c b/mm/memory.c index c256175742..beabdefa62 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -1139,7 +1139,7 @@ int remap_pfn_range(struct vm_area_struct *vma, unsigned long addr, { pgd_t *pgd; unsigned long next; - unsigned long end = addr + size; + unsigned long end = addr + PAGE_ALIGN(size); struct mm_struct *mm = vma->vm_mm; int err;