From 6ac51e910b3db9420cd482dd7d2ff61d9f88ca84 Mon Sep 17 00:00:00 2001
From: Chris Wright <chrisw@sous-sol.org>
Date: Fri, 17 Feb 2006 15:19:51 -0800
Subject: [PATCH] mbind sanity check

---
 queue/series                          |  1 +
 queue/sys_mbind-sanity-checking.patch | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 queue/sys_mbind-sanity-checking.patch

diff --git a/queue/series b/queue/series
index 72fa12ad140..810e45a62d8 100644
--- a/queue/series
+++ b/queue/series
@@ -15,3 +15,4 @@ fix-s390-build-failure.patch
 fix-deadlock-in-br_stp_disable_bridge.patch
 fix-zap_thread-s-ptrace-related-problems.patch
 fix-deadlock-in-ext2.patch
+sys_mbind-sanity-checking.patch
diff --git a/queue/sys_mbind-sanity-checking.patch b/queue/sys_mbind-sanity-checking.patch
new file mode 100644
index 00000000000..9f9d4645bdb
--- /dev/null
+++ b/queue/sys_mbind-sanity-checking.patch
@@ -0,0 +1,26 @@
+From nobody Mon Sep 17 00:00:00 2001
+From: Chris Wright <chrisw@sous-sol.org>
+Date: Fri Feb 17 13:59:36 2006 -0800
+Subject: [PATCH] sys_mbind sanity checking
+
+Make sure maxnodes is safe size before calculating nlongs in
+get_nodes().
+
+Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+---
+
+ mm/mempolicy.c |    2 ++
+ 1 files changed, 2 insertions(+)
+
+--- linux-2.6.15.4.orig/mm/mempolicy.c
++++ linux-2.6.15.4/mm/mempolicy.c
+@@ -524,6 +524,8 @@ static int get_nodes(nodemask_t *nodes, 
+ 	nodes_clear(*nodes);
+ 	if (maxnode == 0 || !nmask)
+ 		return 0;
++	if (maxnode > PAGE_SIZE)
++		return -EINVAL;
+ 
+ 	nlongs = BITS_TO_LONGS(maxnode);
+ 	if ((maxnode % BITS_PER_LONG) == 0)
-- 
2.47.3