Allow stack to grow up to address space limit
commit bd726c90b6b8ce87602208701b208a208e6d5600 upstream. Fix expand_upwards() on architectures with an upward-growing stack (parisc, metag and partly IA-64) to allow the stack to reliably grow exactly up to the address space limit given by TASK_SIZE. Signed-off-by: Helge Deller <deller@gmx.de> Acked-by: Hugh Dickins <hughd@google.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> CVE-2017-1000364 Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org> Change-Id: I09ba5194a654bc3722f018063414169f0754b4d9 Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>
This commit is contained in:
parent
8f965fea40
commit
c701778327
13
mm/mmap.c
13
mm/mmap.c
|
@ -1867,16 +1867,19 @@ int expand_upwards(struct vm_area_struct *vma, unsigned long address)
|
|||
* We must make sure the anon_vma is allocated
|
||||
* so that the anon_vma locking is not a noop.
|
||||
*/
|
||||
/* Guard against wrapping around to address 0. */
|
||||
/* Guard against exceeding limits of the address space. */
|
||||
address &= PAGE_MASK;
|
||||
address += PAGE_SIZE;
|
||||
if (!address)
|
||||
if (address >= TASK_SIZE)
|
||||
return -ENOMEM;
|
||||
address += PAGE_SIZE;
|
||||
|
||||
/* Enforce stack_guard_gap */
|
||||
gap_addr = address + stack_guard_gap;
|
||||
if (gap_addr < address)
|
||||
return -ENOMEM;
|
||||
|
||||
/* Guard against overflow */
|
||||
if (gap_addr < address || gap_addr > TASK_SIZE)
|
||||
gap_addr = TASK_SIZE;
|
||||
|
||||
next = vma->vm_next;
|
||||
if (next && next->vm_start < gap_addr) {
|
||||
if (!(next->vm_flags & VM_GROWSUP))
|
||||
|
|
Loading…
Reference in New Issue