From: Greg Kroah-Hartman
Date: Fri, 2 Nov 2007 16:21:11 +0000 (-0700)
Subject: another 2.6.23 patch
X-Git-Tag: v2.6.22.12~6
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c00b0cec490b77aef3c8e47b68ad6dc8df130801;p=thirdparty%2Fkernel%2Fstable-queue.git

another 2.6.23 patch

---
diff --git a/queue-2.6.23/remove-broken-ptrace-special-case-code-from-file-mapping.patch b/queue-2.6.23/remove-broken-ptrace-special-case-code-from-file-mapping.patch new file mode 100644 index 00000000000..290f3d49a12 --- /dev/null +++ b/queue-2.6.23/remove-broken-ptrace-special-case-code-from-file-mapping.patch
@@ -0,0 +1,68 @@ +From 5307cc1aa53850f017c8053db034cf950b670ac9 Mon Sep 17 00:00:00 2001 +From: Linus Torvalds +Date: Wed, 31 Oct 2007 09:19:46 -0700 +Subject: Remove broken ptrace() special-case code from file mapping + +The kernel has for random historical reasons allowed ptrace() accesses +to access (and insert) pages into the page cache above the size of the +file. + +However, Nick broke that by mistake when doing the new fault handling in +commit 54cb8821de07f2ffcd28c380ce9b93d5784b40d7 ("mm: merge populate and +nopage into fault (fixes nonlinear)". The breakage caused a hang with +gdb when trying to access the invalid page. + +The ptrace "feature" really isn't worth resurrecting, since it really is +wrong both from a portability _and_ from an internal page cache validity +standpoint. So this removes those old broken remnants, and fixes the +ptrace() hang in the process. + +Noticed and bisected by Duane Griffin, who also supplied a test-case +(quoth Nick: "Well that's probably the best bug report I've ever had, +thanks Duane!"). + +Cc: Duane Griffin +Acked-by: Nick Piggin +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + mm/filemap.c | 13 ++----------- + 1 file changed, 2 insertions(+), 11 deletions(-) + +--- a/mm/filemap.c ++++ b/mm/filemap.c +@@ -1312,7 +1312,7 @@ int filemap_fault(struct vm_area_struct + + size = (i_size_read(inode) + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT; + if (vmf->pgoff >= size) +- goto outside_data_content; ++ return VM_FAULT_SIGBUS; + + /* If we don't want any read-ahead, don't bother */ + if (VM_RandomReadHint(vma)) +@@ -1389,7 +1389,7 @@ retry_find: + if (unlikely(vmf->pgoff >= size)) { + unlock_page(page); + page_cache_release(page); +- goto outside_data_content; ++ return VM_FAULT_SIGBUS; + } + + /* +@@ -1400,15 +1400,6 @@ retry_find: + vmf->page = page; + return ret | VM_FAULT_LOCKED; + +-outside_data_content: +- /* +- * An external ptracer can access pages that normally aren't +- * accessible.. 
+- */ +- if (vma->vm_mm == current->mm) +- return VM_FAULT_SIGBUS; +- +- /* Fall through to the non-read-ahead case */ + no_cached_page: + /* + * We're only likely to ever get here if MADV_RANDOM is in diff --git a/queue-2.6.23/series b/queue-2.6.23/series index 358bd8276e9..7501c7c1208 100644 --- a/queue-2.6.23/series +++ b/queue-2.6.23/series @@ -10,3 +10,4 @@ hwmon-lm87-fix-a-division-by-zero.patch hwmon-lm87-disable-vid-when-it-should-be.patch add-get_unaligned-to-ieee80211_get_radiotap_len.patch mac80211-improve-sanity-checks-on-injected-packets.patch +remove-broken-ptrace-special-case-code-from-file-mapping.patch
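
Review bot: the @@ -1400,15 +1400,6 @@ hunk of mm/filemap.c deletes the only comment that explained how faults beyond the end of the file are treated, and nothing replaces it. After this change both "if (vmf->pgoff >= size)" checks return VM_FAULT_SIGBUS whether or not vma->vm_mm is current->mm, so a one-line comment at the first check, saying that pages past i_size are never instantiated for a ptracer or anyone else, would keep the intent visible in the code and not only in the changelog. It is also worth confirming that no_cached_page is now reached only by explicit goto, since the fall-through into it goes away together with the outside_data_content label.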
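
Review bot: in the changelog added by the @@ -0,0 +1,68 @@ hunk, the only identifier for the change being queued is the hash in the mbox line "From 5307cc1aa53850f017c8053db034cf950b670ac9 Mon Sep 17 00:00:00 2001"; a line in the changelog body naming the originating commit would make the queue entry easier to audit. The quoted subject of commit 54cb8821de07f2ffcd28c380ce9b93d5784b40d7 is also missing its closing parenthesis, which is fine to leave if the text is being carried over verbatim.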