diff options
| author | Kirill A. Shutemov <kirill.shutemov@linux.intel.com> | 2016-09-19 21:44:18 (GMT) |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-09-19 22:36:17 (GMT) |
| commit | 31b4beb473e3bdee1bf79db849502dcb24b5c202 (patch) | |
| tree | ba862e325b07ebd106cde077dfbddd3aedf4b233 /include/net/tcp.h | |
| parent | c8de641b1e9c5489aa6ca57b7836acd68e7563f1 (diff) | |
| download | linux-31b4beb473e3bdee1bf79db849502dcb24b5c202.tar.xz | |
ipc/shm: fix crash if CONFIG_SHMEM is not set
Commit c01d5b300774 ("shmem: get_unmapped_area align huge page") makes
use of shm_get_unmapped_area() in shm_file_operations() unconditional to
CONFIG_MMU.
As Tony Battersby pointed this can lead NULL-pointer dereference on
machine with CONFIG_MMU=y and CONFIG_SHMEM=n. In this case ipc/shm is
backed by ramfs which doesn't provide f_op->get_unmapped_area for
configurations with MMU.
The solution is to provide dummy f_op->get_unmapped_area for ramfs when
CONFIG_MMU=y, which just call current->mm->get_unmapped_area().
Fixes: c01d5b300774 ("shmem: get_unmapped_area align huge page")
Link: http://lkml.kernel.org/r/20160912102704.140442-1-kirill.shutemov@linux.intel.com
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reported-by: Tony Battersby <tonyb@cybernetics.com>
Tested-by: Tony Battersby <tonyb@cybernetics.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: <stable@vger.kernel.org> [4.7.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'include/net/tcp.h')
0 files changed, 0 insertions, 0 deletions