Attachment #27368 for bug #64492

View | Details | Raw Unified | Return to bug 64492
Collapse All | Expand All




	end = PAGE_ALIGN(end);
	if (end <= start)
		return;
	do_brk_unlocked(start, end - start);
}




	/* Map the last of the bss segment */
	if (last_bss > len) {
		do_brk_unlocked(len, (last_bss - len));
	}
	kfree(elf_phdata);


	unsigned long v;
	struct prda *pp;

	v =  do_brk_unlocked (PRDA_ADDRESS, PAGE_SIZE);

	if (v < 0)
		return;

	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
	if (bss > len)
	  do_brk_unlocked(len, bss-len);
	kfree(elf_phdata);
	return 0;
}




	end = PAGE_ALIGN(end);
	if (end <= start)
		return;
	do_brk_unlocked(start, end - start);
}

/*

	if (N_MAGIC(ex) == NMAGIC) {
		loff_t pos = fd_offset;
		/* Fuck me plenty... */
		error = do_brk_unlocked(N_TXTADDR(ex), ex.a_text);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text, &pos);
		error = do_brk_unlocked(N_DATADDR(ex), ex.a_data);
		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
			  ex.a_data, &pos);
		goto beyond_if;


	if (N_MAGIC(ex) == OMAGIC) {
		loff_t pos = fd_offset;
		do_brk_unlocked(N_TXTADDR(ex) & PAGE_MASK,
			ex.a_text+ex.a_data + PAGE_SIZE - 1);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text+ex.a_data, &pos);


		if (!bprm->file->f_op->mmap) {
			loff_t pos = fd_offset;
			do_brk_unlocked(0, ex.a_text+ex.a_data);
			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
				  ex.a_text+ex.a_data, &pos);
			goto beyond_if;

	len = PAGE_ALIGN(ex.a_text + ex.a_data);
	bss = ex.a_text + ex.a_data + ex.a_bss;
	if (bss > len) {
		error = do_brk_unlocked(start_addr + len, bss - len);
		retval = error;
		if (error != start_addr + len)
			goto out;




	start = PAGE_ALIGN(start);
	end = PAGE_ALIGN(end);
	if (end > start) {
		unsigned long addr = do_brk_unlocked(start, end - start);
		if (BAD_ADDR(addr))
			return addr;
	}

		loff_t pos = fd_offset;
		/* Fuck me plenty... */
		/* <AOL></AOL> */
		error = do_brk_unlocked(N_TXTADDR(ex), ex.a_text);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text, &pos);
		error = do_brk_unlocked(N_DATADDR(ex), ex.a_data);
		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
			  ex.a_data, &pos);
		goto beyond_if;

		map_size = ex.a_text+ex.a_data;
#endif

		error = do_brk_unlocked(text_addr & PAGE_MASK, map_size);
		if (error != (text_addr & PAGE_MASK)) {
			send_sig(SIGKILL, current, 0);
			return error;


		if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
			loff_t pos = fd_offset;
			do_brk_unlocked(N_TXTADDR(ex), ex.a_text+ex.a_data);
			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
					ex.a_text+ex.a_data, &pos);
			flush_icache_range((unsigned long) N_TXTADDR(ex),

			error_time = jiffies;
		}

		do_brk_unlocked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
		
		file->f_op->read(file, (char *)start_addr,
			ex.a_text + ex.a_data, &pos);

	len = PAGE_ALIGN(ex.a_text + ex.a_data);
	bss = ex.a_text + ex.a_data + ex.a_bss;
	if (bss > len) {
		error = do_brk_unlocked(start_addr + len, bss - len);
		retval = error;
		if (error != start_addr + len)
			goto out;

Lines 591-600 found: Link Here

(-)x/fs/binfmt_coff.c.~1~ (-2 / +2 lines)
591	* XXX: untested.	591	* XXX: untested.
592	*/	592	*/
593	loff_t pos = data.scnptr;	593	loff_t pos = data.scnptr;
594	status = do_brk(text.vaddr, text.size);	594	status = do_brk_unlocked(text.vaddr, text.size);
595	bprm->file->f_op->read(bprm->file,	595	bprm->file->f_op->read(bprm->file,
596	(char *)data.vaddr, data.scnptr, &pos);	596	(char *)data.vaddr, data.scnptr, &pos);
597	status = do_brk(data.vaddr, data.size);	597	status = do_brk_unlocked(data.vaddr, data.size);
598	bprm->file->f_op->read(bprm->file,	598	bprm->file->f_op->read(bprm->file,
599	(char *)text.vaddr, text.scnptr, &pos);	599	(char *)text.vaddr, text.scnptr, &pos);
600	status = 0;	600	status = 0;




	end = ELF_PAGEALIGN(end);
	if (end <= start)
		return 0;
	return do_brk_unlocked(start, end - start);
}




	/* Map the last of the bss segment */
	if (last_bss > elf_bss) {
		error = do_brk_unlocked(elf_bss, last_bss - elf_bss);
		if (BAD_ADDR(error))
			goto out_close;
	}

		goto out;
	}

	do_brk_unlocked(0, text_data);
	retval = -ENOEXEC;
	if (!interpreter->f_op || !interpreter->f_op->read)
		goto out;

	flush_icache_range((unsigned long)addr,
	                   (unsigned long)addr + text_data);

	do_brk_unlocked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
		interp_ex->a_bss);
	elf_entry = interp_ex->a_entry;


	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
	if (bss > len) {
		error = do_brk_unlocked(len, bss - len);
		if (BAD_ADDR(error))
			goto out_free_ph;
	}

Lines 662-667 out: Link Here

(-)x/include/linux/mm.h.~1~ (+1 lines)
662	extern int do_munmap(struct mm_struct *, unsigned long, size_t);	662	extern int do_munmap(struct mm_struct *, unsigned long, size_t);
663		663
664	extern unsigned long do_brk(unsigned long, unsigned long);	664	extern unsigned long do_brk(unsigned long, unsigned long);
		665	extern unsigned long do_brk_unlocked(unsigned long, unsigned long);
665		666
666	static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)	667	static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
667	{	668	{

Lines 110-115 EXPORT_SYMBOL(kallsyms_address_to_symbol Link Here

(-)x/kernel/ksyms.c.~1~ (+1 lines)
110	EXPORT_SYMBOL(do_mmap_pgoff);	110	EXPORT_SYMBOL(do_mmap_pgoff);
111	EXPORT_SYMBOL(do_munmap);	111	EXPORT_SYMBOL(do_munmap);
112	EXPORT_SYMBOL(do_brk);	112	EXPORT_SYMBOL(do_brk);
		113	EXPORT_SYMBOL(do_brk_unlocked);
113	EXPORT_SYMBOL(exit_mm);	114	EXPORT_SYMBOL(exit_mm);
114	EXPORT_SYMBOL(exit_files);	115	EXPORT_SYMBOL(exit_files);
115	EXPORT_SYMBOL(exit_fs);	116	EXPORT_SYMBOL(exit_fs);




	return addr;
}

unsigned long do_brk_unlocked(unsigned long addr, unsigned long len)
{
	unsigned long ret;

	down_write(&current->mm->mmap_sem);
	ret = do_brk(addr, len);
	up_write(&current->mm->mmap_sem);

	return ret;
}

/* Build the RB tree corresponding to the VMA list. */
void build_mmap_rb(struct mm_struct * mm)
{

Return to bug 64492

Lines 130-136 static void set_brk(unsigned long start, Link Here

(-)x/arch/mips/kernel/irixelf.c.~1~ (-4 / +4 lines)
130	end = PAGE_ALIGN(end);	130	end = PAGE_ALIGN(end);
131	if (end <= start)	131	if (end <= start)
132	return;	132	return;
133	do_brk(start, end - start);	133	do_brk_unlocked(start, end - start);
134	}	134	}
135		135
136		136
Lines 379-385 static unsigned int load_irix_interp(str Link Here
379		379
380	/* Map the last of the bss segment */	380	/* Map the last of the bss segment */
381	if (last_bss > len) {	381	if (last_bss > len) {
382	do_brk(len, (last_bss - len));	382	do_brk_unlocked(len, (last_bss - len));
383	}	383	}
384	kfree(elf_phdata);	384	kfree(elf_phdata);
385		385
Lines 567-573 void irix_map_prda_page (void) Link Here
567	unsigned long v;	567	unsigned long v;
568	struct prda *pp;	568	struct prda *pp;
569		569
570	v = do_brk (PRDA_ADDRESS, PAGE_SIZE);	570	v = do_brk_unlocked (PRDA_ADDRESS, PAGE_SIZE);
571		571
572	if (v < 0)	572	if (v < 0)
573	return;	573	return;
Lines 859-865 static int load_irix_library(struct file Link Here
859	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;	859	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
860	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;	860	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
861	if (bss > len)	861	if (bss > len)
862	do_brk(len, bss-len);	862	do_brk_unlocked(len, bss-len);
863	kfree(elf_phdata);	863	kfree(elf_phdata);
864	return 0;	864	return 0;
865	}	865	}

Lines 49-55 static void set_brk(unsigned long start, Link Here

(-)x/arch/sparc64/kernel/binfmt_aout32.c.~1~ (-6 / +6 lines)
49	end = PAGE_ALIGN(end);	49	end = PAGE_ALIGN(end);
50	if (end <= start)	50	if (end <= start)
51	return;	51	return;
52	do_brk(start, end - start);	52	do_brk_unlocked(start, end - start);
53	}	53	}
54		54
55	/*	55	/*
Lines 246-255 static int load_aout32_binary(struct lin Link Here
246	if (N_MAGIC(ex) == NMAGIC) {	246	if (N_MAGIC(ex) == NMAGIC) {
247	loff_t pos = fd_offset;	247	loff_t pos = fd_offset;
248	/* Fuck me plenty... */	248	/* Fuck me plenty... */
249	error = do_brk(N_TXTADDR(ex), ex.a_text);	249	error = do_brk_unlocked(N_TXTADDR(ex), ex.a_text);
250	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	250	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
251	ex.a_text, &pos);	251	ex.a_text, &pos);
252	error = do_brk(N_DATADDR(ex), ex.a_data);	252	error = do_brk_unlocked(N_DATADDR(ex), ex.a_data);
253	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),	253	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
254	ex.a_data, &pos);	254	ex.a_data, &pos);
255	goto beyond_if;	255	goto beyond_if;
Lines 257-263 static int load_aout32_binary(struct lin Link Here
257		257
258	if (N_MAGIC(ex) == OMAGIC) {	258	if (N_MAGIC(ex) == OMAGIC) {
259	loff_t pos = fd_offset;	259	loff_t pos = fd_offset;
260	do_brk(N_TXTADDR(ex) & PAGE_MASK,	260	do_brk_unlocked(N_TXTADDR(ex) & PAGE_MASK,
261	ex.a_text+ex.a_data + PAGE_SIZE - 1);	261	ex.a_text+ex.a_data + PAGE_SIZE - 1);
262	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	262	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
263	ex.a_text+ex.a_data, &pos);	263	ex.a_text+ex.a_data, &pos);
Lines 272-278 static int load_aout32_binary(struct lin Link Here
272		272
273	if (!bprm->file->f_op->mmap) {	273	if (!bprm->file->f_op->mmap) {
274	loff_t pos = fd_offset;	274	loff_t pos = fd_offset;
275	do_brk(0, ex.a_text+ex.a_data);	275	do_brk_unlocked(0, ex.a_text+ex.a_data);
276	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),	276	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
277	ex.a_text+ex.a_data, &pos);	277	ex.a_text+ex.a_data, &pos);
278	goto beyond_if;	278	goto beyond_if;
Lines 388-394 static int load_aout32_library(struct fi Link Here
388	len = PAGE_ALIGN(ex.a_text + ex.a_data);	388	len = PAGE_ALIGN(ex.a_text + ex.a_data);
389	bss = ex.a_text + ex.a_data + ex.a_bss;	389	bss = ex.a_text + ex.a_data + ex.a_bss;
390	if (bss > len) {	390	if (bss > len) {
391	error = do_brk(start_addr + len, bss - len);	391	error = do_brk_unlocked(start_addr + len, bss - len);
392	retval = error;	392	retval = error;
393	if (error != start_addr + len)	393	if (error != start_addr + len)
394	goto out;	394	goto out;

Lines 46-52 static int set_brk(unsigned long start, Link Here

(-)x/fs/binfmt_aout.c.~1~ (-7 / +7 lines)
46	start = PAGE_ALIGN(start);	46	start = PAGE_ALIGN(start);
47	end = PAGE_ALIGN(end);	47	end = PAGE_ALIGN(end);
48	if (end > start) {	48	if (end > start) {
49	unsigned long addr = do_brk(start, end - start);	49	unsigned long addr = do_brk_unlocked(start, end - start);
50	if (BAD_ADDR(addr))	50	if (BAD_ADDR(addr))
51	return addr;	51	return addr;
52	}	52	}
Lines 317-326 static int load_aout_binary(struct linux Link Here
317	loff_t pos = fd_offset;	317	loff_t pos = fd_offset;
318	/* Fuck me plenty... */	318	/* Fuck me plenty... */
319	/* <AOL></AOL> */	319	/* <AOL></AOL> */
320	error = do_brk(N_TXTADDR(ex), ex.a_text);	320	error = do_brk_unlocked(N_TXTADDR(ex), ex.a_text);
321	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	321	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
322	ex.a_text, &pos);	322	ex.a_text, &pos);
323	error = do_brk(N_DATADDR(ex), ex.a_data);	323	error = do_brk_unlocked(N_DATADDR(ex), ex.a_data);
324	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),	324	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
325	ex.a_data, &pos);	325	ex.a_data, &pos);
326	goto beyond_if;	326	goto beyond_if;
Lines 341-347 static int load_aout_binary(struct linux Link Here
341	map_size = ex.a_text+ex.a_data;	341	map_size = ex.a_text+ex.a_data;
342	#endif	342	#endif
343		343
344	error = do_brk(text_addr & PAGE_MASK, map_size);	344	error = do_brk_unlocked(text_addr & PAGE_MASK, map_size);
345	if (error != (text_addr & PAGE_MASK)) {	345	if (error != (text_addr & PAGE_MASK)) {
346	send_sig(SIGKILL, current, 0);	346	send_sig(SIGKILL, current, 0);
347	return error;	347	return error;
Lines 375-381 static int load_aout_binary(struct linux Link Here
375		375
376	if (!bprm->file->f_op->mmap\|\|((fd_offset & ~PAGE_MASK) != 0)) {	376	if (!bprm->file->f_op->mmap\|\|((fd_offset & ~PAGE_MASK) != 0)) {
377	loff_t pos = fd_offset;	377	loff_t pos = fd_offset;
378	do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);	378	do_brk_unlocked(N_TXTADDR(ex), ex.a_text+ex.a_data);
379	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),	379	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
380	ex.a_text+ex.a_data, &pos);	380	ex.a_text+ex.a_data, &pos);
381	flush_icache_range((unsigned long) N_TXTADDR(ex),	381	flush_icache_range((unsigned long) N_TXTADDR(ex),
Lines 476-482 static int load_aout_library(struct file Link Here
476	error_time = jiffies;	476	error_time = jiffies;
477	}	477	}
478		478
479	do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);	479	do_brk_unlocked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
480		480
481	file->f_op->read(file, (char *)start_addr,	481	file->f_op->read(file, (char *)start_addr,
482	ex.a_text + ex.a_data, &pos);	482	ex.a_text + ex.a_data, &pos);
Lines 500-506 static int load_aout_library(struct file Link Here
500	len = PAGE_ALIGN(ex.a_text + ex.a_data);	500	len = PAGE_ALIGN(ex.a_text + ex.a_data);
501	bss = ex.a_text + ex.a_data + ex.a_bss;	501	bss = ex.a_text + ex.a_data + ex.a_bss;
502	if (bss > len) {	502	if (bss > len) {
503	error = do_brk(start_addr + len, bss - len);	503	error = do_brk_unlocked(start_addr + len, bss - len);
504	retval = error;	504	retval = error;
505	if (error != start_addr + len)	505	if (error != start_addr + len)
506	goto out;	506	goto out;

Lines 85-91 static unsigned long set_brk(unsigned lo Link Here

(-)x/fs/binfmt_elf.c.~1~ (-5 / +5 lines)
85	end = ELF_PAGEALIGN(end);	85	end = ELF_PAGEALIGN(end);
86	if (end <= start)	86	if (end <= start)
87	return 0;	87	return 0;
88	return do_brk(start, end - start);	88	return do_brk_unlocked(start, end - start);
89	}	89	}
90		90
91		91
Lines 362-368 static unsigned long load_elf_interp(str Link Here
362		362
363	/* Map the last of the bss segment */	363	/* Map the last of the bss segment */
364	if (last_bss > elf_bss) {	364	if (last_bss > elf_bss) {
365	error = do_brk(elf_bss, last_bss - elf_bss);	365	error = do_brk_unlocked(elf_bss, last_bss - elf_bss);
366	if (BAD_ADDR(error))	366	if (BAD_ADDR(error))
367	goto out_close;	367	goto out_close;
368	}	368	}
Lines 403-409 static unsigned long load_aout_interp(st Link Here
403	goto out;	403	goto out;
404	}	404	}
405		405
406	do_brk(0, text_data);	406	do_brk_unlocked(0, text_data);
407	retval = -ENOEXEC;	407	retval = -ENOEXEC;
408	if (!interpreter->f_op \|\| !interpreter->f_op->read)	408	if (!interpreter->f_op \|\| !interpreter->f_op->read)
409	goto out;	409	goto out;
Lines 413-419 static unsigned long load_aout_interp(st Link Here
413	flush_icache_range((unsigned long)addr,	413	flush_icache_range((unsigned long)addr,
414	(unsigned long)addr + text_data);	414	(unsigned long)addr + text_data);
415		415
416	do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),	416	do_brk_unlocked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
417	interp_ex->a_bss);	417	interp_ex->a_bss);
418	elf_entry = interp_ex->a_entry;	418	elf_entry = interp_ex->a_entry;
419		419
Lines 930-936 static int load_elf_library(struct file Link Here
930	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);	930	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
931	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;	931	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
932	if (bss > len) {	932	if (bss > len) {
933	error = do_brk(len, bss - len);	933	error = do_brk_unlocked(len, bss - len);
934	if (BAD_ADDR(error))	934	if (BAD_ADDR(error))
935	goto out_free_ph;	935	goto out_free_ph;
936	}	936	}

Lines 1179-1184 out: Link Here

(-)x/mm/mmap.c.~1~ (+11 lines)
1179	return addr;	1179	return addr;
1180	}	1180	}
1181		1181
		1182	unsigned long do_brk_unlocked(unsigned long addr, unsigned long len)
		1183	{
		1184	unsigned long ret;
		1185
		1186	down_write(&current->mm->mmap_sem);
		1187	ret = do_brk(addr, len);
		1188	up_write(&current->mm->mmap_sem);
		1189
		1190	return ret;
		1191	}
		1192
1182	/* Build the RB tree corresponding to the VMA list. */	1193	/* Build the RB tree corresponding to the VMA list. */
1183	void build_mmap_rb(struct mm_struct * mm)	1194	void build_mmap_rb(struct mm_struct * mm)
1184	{	1195	{