[PATCH] fix remap_pte_range BUG

Out-of-tree user of remap_pfn_range hit kernel BUG at mm/memory.c:1112!
It passes an unrounded size to remap_pfn_range, which was okay before
2.6.12, but misses remap_pte_range's new end condition.  An audit of
all the other ptwalks confirms that this is the only one so exposed.

Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Chris Wright <chrisw@osdl.org>

diff --git a/mm/memory.c b/mm/memory.c
index d209f745db7fbc3154e83cf04666770068986724..2f88f084fea52fa17af3c4c370497fa6f4803438 100644 (file)
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1164,7 +1164,7 @@ int remap_pfn_range(struct vm_area_struct *vma, unsigned long addr,
 {
        pgd_t *pgd;
        unsigned long next;
-       unsigned long end = addr + size;
+       unsigned long end = addr + PAGE_ALIGN(size);
        struct mm_struct *mm = vma->vm_mm;
        int err;