From 7cd94146cd504016315608e297219f9fb7b1413b Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Mon, 26 Nov 2007 18:47:40 -0500 Subject: Security: round mmap hint address above mmap_min_addr If mmap_min_addr is set and a process attempts to mmap (not fixed) with a non-null hint address less than mmap_min_addr the mapping will fail the security checks. Since this is just a hint address this patch will round such a hint address above mmap_min_addr. gcj was found to try to be very frugal with vm usage and give hint addresses in the 8k-32k range. Without this patch all such programs failed and with the patch they happily get a higher address. This patch is wrappad in CONFIG_SECURITY since mmap_min_addr doesn't exist without it and there would be no security check possible no matter what. So we should not bother compiling in this rounding if it is just a waste of time. Signed-off-by: Eric Paris Signed-off-by: James Morris --- mm/mmap.c | 3 +++ mm/nommu.c | 3 +++ 2 files changed, 6 insertions(+) (limited to 'mm') diff --git a/mm/mmap.c b/mm/mmap.c index 938313c76d0..f4cfc6ac08d 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -912,6 +912,9 @@ unsigned long do_mmap_pgoff(struct file * file, unsigned long addr, if (!len) return -EINVAL; + if (!(flags & MAP_FIXED)) + addr = round_hint_to_min(addr); + error = arch_mmap_check(addr, len, flags); if (error) return error; diff --git a/mm/nommu.c b/mm/nommu.c index 35622c59092..b989cb928a7 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -829,6 +829,9 @@ unsigned long do_mmap_pgoff(struct file *file, void *result; int ret; + if (!(flags & MAP_FIXED)) + addr = round_hint_to_min(addr); + /* decide whether we should attempt the mapping, and if so what sort of * mapping */ ret = validate_mmap_request(file, addr, len, prot, flags, pgoff, -- cgit v1.2.3-18-g5258