[PATCH 6.3 060/199] mm/mprotect: fix do_mprotect_pkey() limit check

26 Jun 2023

From: Liam R. Howlett Liam.Howlett@oracle.com
commit 77795f900e2a07c1cbedc375789aefb43843b6c2 upstream.
The return of do_mprotect_pkey() can still be incorrectly returned as
success if there is a gap that spans to or beyond the end address passed
in.  Update the check to ensure that the end address has indeed been seen.
Link: https://lore.kernel.org/all/CABi2SkXjN+5iFoBhxk71t3cmunTk-s=rB4T7qo0UQRh17s4...
Link: https://lkml.kernel.org/r/20230606182912.586576-1-Liam.Howlett@oracle.com
Fixes: 82f951340f25 ("mm/mprotect: fix do_mprotect_pkey() return on error")
Signed-off-by: Liam R. Howlett Liam.Howlett@oracle.com
Reported-by: Jeff Xu jeffxu@chromium.org
Reviewed-by: Lorenzo Stoakes lstoakes@gmail.com
Acked-by: David Hildenbrand david@redhat.com
Acked-by: Vlastimil Babka vbabka@suse.cz
Cc: stable@vger.kernel.org
Signed-off-by: Andrew Morton akpm@linux-foundation.org
Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
---
 mm/mprotect.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -838,7 +838,7 @@ static int do_mprotect_pkey(unsigned lon
    }
    tlb_finish_mmu(&tlb);
-	if (!error && vma_iter_end(&vmi) < end)
+	if (!error && tmp < end)
    	error = -ENOMEM;
out:

    

2024

2023

2022

2021

2020

2019

2018

2017

[PATCH 6.3 060/199] mm/mprotect: fix do_mprotect_pkey() limit check