]>
Commit | Line | Data |
---|---|---|
00e5a55c BS |
1 | From: Andrea Arcangeli <andrea@suse.de> |
2 | Subject: avoid silent stack overflow over the heap | |
3 | Patch-mainline: no | |
4 | References: SUSE44807 | |
5 | ||
6 | x | |
7 | ||
8 | Signed-off-by: Andrea Arcangeli <andrea@suse.de> | |
9 | ||
10 | Automatically created from "patches.suse/silent-stack-overflow" by xen-port-patches.py | |
11 | ||
12 | Index: head-2008-10-13/arch/x86/mm/fault-xen.c | |
13 | =================================================================== | |
14 | --- head-2008-10-13.orig/arch/x86/mm/fault-xen.c 2008-10-13 15:28:47.000000000 +0200 | |
15 | +++ head-2008-10-13/arch/x86/mm/fault-xen.c 2008-10-13 15:32:57.000000000 +0200 | |
16 | @@ -598,7 +598,7 @@ void __kprobes do_page_fault(struct pt_r | |
17 | { | |
18 | struct task_struct *tsk; | |
19 | struct mm_struct *mm; | |
20 | - struct vm_area_struct *vma; | |
21 | + struct vm_area_struct *vma, *prev_vma; | |
22 | unsigned long address; | |
23 | int write, si_code; | |
24 | int fault; | |
25 | @@ -748,7 +748,13 @@ again: | |
26 | if (address + 65536 + 32 * sizeof(unsigned long) < regs->sp) | |
27 | goto bad_area; | |
28 | } | |
29 | - if (expand_stack(vma, address)) | |
30 | + /* | |
31 | + * find_vma_prev is just a bit slower, because it cannot | |
32 | + * use the mmap_cache, so we run it only in the growsdown | |
33 | + * slow path and we leave find_vma in the fast path. | |
34 | + */ | |
35 | + find_vma_prev(current->mm, address, &prev_vma); | |
36 | + if (expand_stack(vma, address, prev_vma)) | |
37 | goto bad_area; | |
38 | /* | |
39 | * Ok, we have a good vm_area for this memory access, so |