From: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Date: Fri, 12 Jul 2019 03:58:47 +0000 (-0700)
Subject: mm/memory.c: fail when offset == num in first check of __vm_map_pages()
X-Git-Tag: v5.3-rc1~120^2~31
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=96756fcb831ddec3ad15f3a107b6e2749084aafb;p=users%2Fjedix%2Flinux-maple.git

mm/memory.c: fail when offset == num in first check of __vm_map_pages()

If the caller asks us for offset == num, we should already fail in the
first check, i.e.  the one testing for offsets beyond the object.

At the moment, we are failing on the second test anyway, since count
cannot be 0.  Still, to agree with the comment of the first test, we
should first test it there.

Link: http://lkml.kernel.org/r/20190528193004.GA7744@gmail.com
Signed-off-by: Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Souptick Joarder <jrdr.linux@gmail.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
Cc: Huang Ying <ying.huang@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---

diff --git a/mm/memory.c b/mm/memory.c
index 0428ff5ee339..ad4bf1a1a0ef 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1545,7 +1545,7 @@ static int __vm_map_pages(struct vm_area_struct *vma, struct page **pages,
 	int ret, i;
 
 	/* Fail if the user requested offset is beyond the end of the object */
-	if (offset > num)
+	if (offset >= num)
 		return -ENXIO;
 
 	/* Fail if the user requested size exceeds available object size */