From 15f572ef9c56708dc32ce92395c789241eb999c3 Mon Sep 17 00:00:00 2001
From: NAKAMURA Gou <go.nakamura.yw@hitachi-solutions.com>
Date: Tue, 15 Mar 2016 13:45:54 +0900
Subject: [PATCH] mmap: return -ENOMEM if speicified range is out of range

---
 arch/x86/kernel/syscall.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/arch/x86/kernel/syscall.c b/arch/x86/kernel/syscall.c
index 4a6578b3..694a37cf 100644
--- a/arch/x86/kernel/syscall.c
+++ b/arch/x86/kernel/syscall.c
@@ -1260,11 +1260,7 @@ SYSCALL_DECLARE(mmap)
 	addr = (flags & MAP_FIXED)? addr0: VALID_DUMMY_ADDR;
 	len = (len0 + PAGE_SIZE - 1) & PAGE_MASK;
 	if ((addr & (PAGE_SIZE - 1))
-			|| (addr < region->user_start)
-			|| (region->user_end <= addr)
 			|| (len == 0)
-			|| (len > (region->user_end - region->user_start))
-			|| ((region->user_end - len) < addr)
 			|| !(flags & (MAP_SHARED | MAP_PRIVATE))
 			|| ((flags & MAP_SHARED) && (flags & MAP_PRIVATE))
 			|| (off0 & (PAGE_SIZE - 1))) {
@@ -1274,6 +1270,15 @@ SYSCALL_DECLARE(mmap)
 		goto out;
 	}
 
+	if ((addr < region->user_start)
+			|| (region->user_end <= addr)
+			|| ((region->user_end - addr) < len)) {
+		ekprintf("sys_mmap(%lx,%lx,%x,%x,%x,%lx):ENOMEM\n",
+				addr0, len0, prot, flags, fd, off0);
+		error = -ENOMEM;
+		goto out;
+	}
+
 	/* check not supported requests */
 	if ((flags & error_flags)
 			|| (flags & ~(supported_flags | ignored_flags))) {