On Thu, Jul 29, 2010 at 10:08 AM, Hiroshi DOYU <[email protected]> wrote: > On Sun, 25 Jul 2010 22:10:32 +0200 > ext Felipe Contreras <[email protected]> wrote: >> On Fri, Nov 6, 2009 at 3:34 PM, Hiroshi DOYU <[email protected]> wrote: >> > @@ -690,14 +732,19 @@ static int memory_check_vma(unsigned long start, u32 >> > len) >> > if (end <= start) >> > return -EINVAL; >> > >> > - down_read(¤t->mm->mmap_sem); >> > - >> > while ((vma = find_vma(current->mm, start)) != NULL) { >> > + ssize_t size; >> > >> > - if (vma->vm_start > start) { >> > - err = -EINVAL; >> > + if (vma->vm_flags & (VM_IO | VM_PFNMAP)) >> > + return -EINVAL; >> > + >> > + if (vma->vm_start > start) >> > + return -EINVAL; >> > + >> > + size = min_t(ssize_t, vma->vm_end - start, len); >> >> This 'len' is the total length, which is not what we want; in each >> iteration the length should be decreased so that it's always the >> remaining length. Right? >> >> len -= size; > > Great finding and I'm so sorry for this bug...
All right, thanks for confirming :) -- Felipe Contreras -- To unsubscribe from this list: send the line "unsubscribe linux-omap" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
