gh0s7/mckernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mmap, mremap: Check arguments in the same order as in Linux

Browse Source 
Refs: #1137
Change-Id: I4fd2ac83b013a2741a3facce4dd7e0c37b14fd25
This commit is contained in:
Ken Sato
2018-06-27 11:43:42 +09:00
committed by Dominique Martinet
parent f185be06eb
commit 11756d96ef
3 changed files with 25 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
arch/arm64/kernel/syscall.c
View File

@@ -1801,8 +1801,9 @@ SYSCALL_DECLARE(mmap)
goto out; goto out;
} }
if ((flags & MAP_FIXED) && ((addr < region->user_start) if (addr < region->user_start
|| (region->user_end <= addr))) { || region->user_end <= addr
|| len > (region->user_end - region->user_start)) {
ekprintf("sys_mmap(%lx,%lx,%x,%x,%x,%lx):ENOMEM\n", ekprintf("sys_mmap(%lx,%lx,%x,%x,%x,%lx):ENOMEM\n",
addr0, len0, prot, flags0, fd, off0); addr0, len0, prot, flags0, fd, off0);
error = -ENOMEM; error = -ENOMEM;

5
arch/x86_64/kernel/syscall.c
View File

@@ -1570,8 +1570,9 @@ SYSCALL_DECLARE(mmap)
goto out; goto out;
} }
if ((flags & MAP_FIXED) && ((addr < region->user_start) if (addr < region->user_start
|| (region->user_end <= addr))) { || region->user_end <= addr
|| len > (region->user_end - region->user_start)) {
ekprintf("sys_mmap(%lx,%lx,%x,%x,%x,%lx):ENOMEM\n", ekprintf("sys_mmap(%lx,%lx,%x,%x,%x,%lx):ENOMEM\n",
addr0, len0, prot, flags0, fd, off0); addr0, len0, prot, flags0, fd, off0);
error = -ENOMEM; error = -ENOMEM;

28
kernel/syscall.c
View File

@@ -7729,6 +7729,7 @@ SYSCALL_DECLARE(mremap)
oldaddr, oldsize0, newsize0, flags, newaddr); oldaddr, oldsize0, newsize0, flags, newaddr);
ihk_mc_spinlock_lock_noirq(&vm->memory_range_lock); ihk_mc_spinlock_lock_noirq(&vm->memory_range_lock);
/* check arguments */
if ((oldaddr & ~PAGE_MASK) if ((oldaddr & ~PAGE_MASK)
|| (oldsize < 0) || (oldsize < 0)
|| (newsize <= 0) || (newsize <= 0)
@@ -7744,6 +7745,24 @@ SYSCALL_DECLARE(mremap)
goto out; goto out;
} }
if (oldend < oldstart) {
error = -EINVAL;
ekprintf("sys_mremap(%#lx,%#lx,%#lx,%#x,%#lx):"
"old range overflow. %d\n",
oldaddr, oldsize0, newsize0,
flags, newaddr, error);
goto out;
}
if (newsize > (vm->region.user_end - vm->region.user_start)) {
error = -ENOMEM;
ekprintf("sys_mremap(%#lx,%#lx,%#lx,%#x,%#lx):"
"cannot allocate. %d\n",
oldaddr, oldsize0, newsize0,
flags, newaddr, error);
goto out;
}
/* check original mapping */ /* check original mapping */
range = lookup_process_memory_range(vm, oldstart, oldstart+PAGE_SIZE); range = lookup_process_memory_range(vm, oldstart, oldstart+PAGE_SIZE);
if (!range || (oldstart < range->start) || (range->end < oldend) if (!range || (oldstart < range->start) || (range->end < oldend)
@@ -7758,15 +7777,6 @@ SYSCALL_DECLARE(mremap)
goto out; goto out;
} }
if (oldend < oldstart) {
error = -EINVAL;
ekprintf("sys_mremap(%#lx,%#lx,%#lx,%#x,%#lx):"
"old range overflow. %d\n",
oldaddr, oldsize0, newsize0, flags, newaddr,
error);
goto out;
}
/* determine new mapping range */ /* determine new mapping range */
need_relocate = 0; need_relocate = 0;
if (flags & MREMAP_FIXED) { if (flags & MREMAP_FIXED) {