3.16.66-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Oleg Nesterov oleg@redhat.com
commit 32e4e6d5cbb0c0e427391635991fe65e17797af8 upstream.
expand_stack(vma) fails if address < stack_guard_gap even if there is no vma->vm_prev. I don't think this makes sense, and we didn't do this before the recent commit 1be7107fbe18 ("mm: larger stack guard gap, between vmas").
We do not need a gap in this case, any address is fine as long as security_mmap_addr() doesn't object.
This also simplifies the code, we know that address >= prev->vm_end and thus underflow is not possible.
Link: http://lkml.kernel.org/r/20170628175258.GA24881@redhat.com Signed-off-by: Oleg Nesterov oleg@redhat.com Acked-by: Michal Hocko mhocko@suse.com Cc: Hugh Dickins hughd@google.com Cc: Larry Woodman lwoodman@redhat.com Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org Signed-off-by: Ben Hutchings ben@decadent.org.uk --- mm/mmap.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-)
--- a/mm/mmap.c +++ b/mm/mmap.c @@ -2244,7 +2244,6 @@ int expand_downwards(struct vm_area_stru unsigned long address) { struct vm_area_struct *prev; - unsigned long gap_addr; int error;
address &= PAGE_MASK; @@ -2253,15 +2252,12 @@ int expand_downwards(struct vm_area_stru return error;
/* Enforce stack_guard_gap */ - gap_addr = address - stack_guard_gap; - if (gap_addr > address) - return -ENOMEM; prev = vma->vm_prev; - if (prev && prev->vm_end > gap_addr && + /* Check that both stack segments have the same anon_vma? */ + if (prev && !(prev->vm_flags & VM_GROWSDOWN) && (prev->vm_flags & (VM_WRITE|VM_READ|VM_EXEC))) { - if (!(prev->vm_flags & VM_GROWSDOWN)) + if (address - prev->vm_end < stack_guard_gap) return -ENOMEM; - /* Check that both stack segments have the same anon_vma? */ }
/* We must make sure the anon_vma is allocated. */