Attachment #27375 for bug #64492

View | Details | Raw Unified | Return to bug 64492
Collapse All | Expand All




	end = PAGE_ALIGN(end);
	if (end <= start)
		return;
	do_brk_locked(start, end - start);
}




	/* Map the last of the bss segment */
	if (last_bss > len) {
		do_brk_locked(len, (last_bss - len));
	}
	kfree(elf_phdata);


	unsigned long v;
	struct prda *pp;

	v =  do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);

	if (v < 0)
		return;

	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
	if (bss > len)
	  do_brk_locked(len, bss-len);
	kfree(elf_phdata);
	return 0;
}




	end = PAGE_ALIGN(end);
	if (end <= start)
		return;
	do_brk_locked(start, end - start);
}

/*

	if (N_MAGIC(ex) == NMAGIC) {
		loff_t pos = fd_offset;
		/* Fuck me plenty... */
		error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text, &pos);
		error = do_brk_locked(N_DATADDR(ex), ex.a_data);
		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
			  ex.a_data, &pos);
		goto beyond_if;


	if (N_MAGIC(ex) == OMAGIC) {
		loff_t pos = fd_offset;
		do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
			ex.a_text+ex.a_data + PAGE_SIZE - 1);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text+ex.a_data, &pos);


		if (!bprm->file->f_op->mmap) {
			loff_t pos = fd_offset;
			do_brk_locked(0, ex.a_text+ex.a_data);
			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
				  ex.a_text+ex.a_data, &pos);
			goto beyond_if;

	len = PAGE_ALIGN(ex.a_text + ex.a_data);
	bss = ex.a_text + ex.a_data + ex.a_bss;
	if (bss > len) {
		error = do_brk_locked(start_addr + len, bss - len);
		retval = error;
		if (error != start_addr + len)
			goto out;




	end = PAGE_ALIGN(end);
	if (end <= start)
		return;
	do_brk_locked(start, end - start);
}

/*

		loff_t pos = fd_offset;
		/* Fuck me plenty... */
		/* <AOL></AOL> */
		error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
		bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
			  ex.a_text, &pos);
		error = do_brk_locked(N_DATADDR(ex), ex.a_data);
		bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
			  ex.a_data, &pos);
		goto beyond_if;

		map_size = ex.a_text+ex.a_data;
#endif

		error = do_brk_locked(text_addr & PAGE_MASK, map_size);
		if (error != (text_addr & PAGE_MASK)) {
			send_sig(SIGKILL, current, 0);
			return error;


		if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
			loff_t pos = fd_offset;
			do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
			bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
					ex.a_text+ex.a_data, &pos);
			flush_icache_range((unsigned long) N_TXTADDR(ex),

			error_time = jiffies;
		}

		do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
		
		file->f_op->read(file, (char *)start_addr,
			ex.a_text + ex.a_data, &pos);

	len = PAGE_ALIGN(ex.a_text + ex.a_data);
	bss = ex.a_text + ex.a_data + ex.a_bss;
	if (bss > len) {
		error = do_brk_locked(start_addr + len, bss - len);
		retval = error;
		if (error != start_addr + len)
			goto out;




	end = ELF_PAGEALIGN(end);
	if (end <= start)
		return;
	do_brk_locked(start, end - start);
}




	/* Map the last of the bss segment */
	if (last_bss > elf_bss)
		do_brk_locked(elf_bss, last_bss - elf_bss);

	*interp_load_addr = load_addr;
	error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;

		goto out;
	}

	do_brk_locked(0, text_data);
	if (!interpreter->f_op || !interpreter->f_op->read)
		goto out;
	if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)

	flush_icache_range((unsigned long)addr,
	                   (unsigned long)addr + text_data);

	do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
		interp_ex->a_bss);
	elf_entry = interp_ex->a_entry;


	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
	if (bss > len)
		do_brk_locked(len, bss - len);
	error = 0;

out_free_ph:

Lines 570-575 Link Here

(-)linux-2.4.28.orig/include/linux/mm.h (+1 lines)
570	extern int do_munmap(struct mm_struct *, unsigned long, size_t);	570	extern int do_munmap(struct mm_struct *, unsigned long, size_t);
571		571
572	extern unsigned long do_brk(unsigned long, unsigned long);	572	extern unsigned long do_brk(unsigned long, unsigned long);
		573	extern unsigned long do_brk_locked(unsigned long, unsigned long);
573		574
574	static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)	575	static inline void __vma_unlink(struct mm_struct * mm, struct vm_area_struct * vma, struct vm_area_struct * prev)
575	{	576	{

Lines 88-93 Link Here

(-)linux-2.4.28.orig/kernel/ksyms.c (+1 lines)
88	EXPORT_SYMBOL(do_mmap_pgoff);	88	EXPORT_SYMBOL(do_mmap_pgoff);
89	EXPORT_SYMBOL(do_munmap);	89	EXPORT_SYMBOL(do_munmap);
90	EXPORT_SYMBOL(do_brk);	90	EXPORT_SYMBOL(do_brk);
		91	EXPORT_SYMBOL(do_brk_locked);
91	EXPORT_SYMBOL(exit_mm);	92	EXPORT_SYMBOL(exit_mm);
92	EXPORT_SYMBOL(exit_files);	93	EXPORT_SYMBOL(exit_files);
93	EXPORT_SYMBOL(exit_fs);	94	EXPORT_SYMBOL(exit_fs);




	return addr;
}

/* locking version of do_brk. */
unsigned long do_brk_locked(unsigned long addr, unsigned long len)
{
	unsigned long ret;

	down_write(&current->mm->mmap_sem);
	ret = do_brk(addr, len);
	up_write(&current->mm->mmap_sem);

	return ret;
}




/* Build the RB tree corresponding to the VMA list. */
void build_mmap_rb(struct mm_struct * mm)
{

Return to bug 64492

Lines 130-136 Link Here

(-)linux-2.4.28.orig/arch/mips/kernel/irixelf.c (-4 / +4 lines)
130	end = PAGE_ALIGN(end);	130	end = PAGE_ALIGN(end);
131	if (end <= start)	131	if (end <= start)
132	return;	132	return;
133	do_brk(start, end - start);	133	do_brk_locked(start, end - start);
134	}	134	}
135		135
136		136
Lines 379-385 Link Here
379		379
380	/* Map the last of the bss segment */	380	/* Map the last of the bss segment */
381	if (last_bss > len) {	381	if (last_bss > len) {
382	do_brk(len, (last_bss - len));	382	do_brk_locked(len, (last_bss - len));
383	}	383	}
384	kfree(elf_phdata);	384	kfree(elf_phdata);
385		385
Lines 567-573 Link Here
567	unsigned long v;	567	unsigned long v;
568	struct prda *pp;	568	struct prda *pp;
569		569
570	v = do_brk (PRDA_ADDRESS, PAGE_SIZE);	570	v = do_brk_locked (PRDA_ADDRESS, PAGE_SIZE);
571		571
572	if (v < 0)	572	if (v < 0)
573	return;	573	return;
Lines 859-865 Link Here
859	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;	859	len = (elf_phdata->p_filesz + elf_phdata->p_vaddr+ 0xfff) & 0xfffff000;
860	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;	860	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
861	if (bss > len)	861	if (bss > len)
862	do_brk(len, bss-len);	862	do_brk_locked(len, bss-len);
863	kfree(elf_phdata);	863	kfree(elf_phdata);
864	return 0;	864	return 0;
865	}	865	}

Lines 49-55 Link Here

(-)linux-2.4.28.orig/arch/sparc64/kernel/binfmt_aout32.c (-6 / +6 lines)
49	end = PAGE_ALIGN(end);	49	end = PAGE_ALIGN(end);
50	if (end <= start)	50	if (end <= start)
51	return;	51	return;
52	do_brk(start, end - start);	52	do_brk_locked(start, end - start);
53	}	53	}
54		54
55	/*	55	/*
Lines 246-255 Link Here
246	if (N_MAGIC(ex) == NMAGIC) {	246	if (N_MAGIC(ex) == NMAGIC) {
247	loff_t pos = fd_offset;	247	loff_t pos = fd_offset;
248	/* Fuck me plenty... */	248	/* Fuck me plenty... */
249	error = do_brk(N_TXTADDR(ex), ex.a_text);	249	error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
250	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	250	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
251	ex.a_text, &pos);	251	ex.a_text, &pos);
252	error = do_brk(N_DATADDR(ex), ex.a_data);	252	error = do_brk_locked(N_DATADDR(ex), ex.a_data);
253	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),	253	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
254	ex.a_data, &pos);	254	ex.a_data, &pos);
255	goto beyond_if;	255	goto beyond_if;
Lines 257-263 Link Here
257		257
258	if (N_MAGIC(ex) == OMAGIC) {	258	if (N_MAGIC(ex) == OMAGIC) {
259	loff_t pos = fd_offset;	259	loff_t pos = fd_offset;
260	do_brk(N_TXTADDR(ex) & PAGE_MASK,	260	do_brk_locked(N_TXTADDR(ex) & PAGE_MASK,
261	ex.a_text+ex.a_data + PAGE_SIZE - 1);	261	ex.a_text+ex.a_data + PAGE_SIZE - 1);
262	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	262	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
263	ex.a_text+ex.a_data, &pos);	263	ex.a_text+ex.a_data, &pos);
Lines 272-278 Link Here
272		272
273	if (!bprm->file->f_op->mmap) {	273	if (!bprm->file->f_op->mmap) {
274	loff_t pos = fd_offset;	274	loff_t pos = fd_offset;
275	do_brk(0, ex.a_text+ex.a_data);	275	do_brk_locked(0, ex.a_text+ex.a_data);
276	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),	276	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
277	ex.a_text+ex.a_data, &pos);	277	ex.a_text+ex.a_data, &pos);
278	goto beyond_if;	278	goto beyond_if;
Lines 388-394 Link Here
388	len = PAGE_ALIGN(ex.a_text + ex.a_data);	388	len = PAGE_ALIGN(ex.a_text + ex.a_data);
389	bss = ex.a_text + ex.a_data + ex.a_bss;	389	bss = ex.a_text + ex.a_data + ex.a_bss;
390	if (bss > len) {	390	if (bss > len) {
391	error = do_brk(start_addr + len, bss - len);	391	error = do_brk_locked(start_addr + len, bss - len);
392	retval = error;	392	retval = error;
393	if (error != start_addr + len)	393	if (error != start_addr + len)
394	goto out;	394	goto out;

Lines 45-51 Link Here

(-)linux-2.4.28.orig/fs/binfmt_aout.c (-7 / +7 lines)
45	end = PAGE_ALIGN(end);	45	end = PAGE_ALIGN(end);
46	if (end <= start)	46	if (end <= start)
47	return;	47	return;
48	do_brk(start, end - start);	48	do_brk_locked(start, end - start);
49	}	49	}
50		50
51	/*	51	/*
Lines 312-321 Link Here
312	loff_t pos = fd_offset;	312	loff_t pos = fd_offset;
313	/* Fuck me plenty... */	313	/* Fuck me plenty... */
314	/* <AOL></AOL> */	314	/* <AOL></AOL> */
315	error = do_brk(N_TXTADDR(ex), ex.a_text);	315	error = do_brk_locked(N_TXTADDR(ex), ex.a_text);
316	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),	316	bprm->file->f_op->read(bprm->file, (char *) N_TXTADDR(ex),
317	ex.a_text, &pos);	317	ex.a_text, &pos);
318	error = do_brk(N_DATADDR(ex), ex.a_data);	318	error = do_brk_locked(N_DATADDR(ex), ex.a_data);
319	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),	319	bprm->file->f_op->read(bprm->file, (char *) N_DATADDR(ex),
320	ex.a_data, &pos);	320	ex.a_data, &pos);
321	goto beyond_if;	321	goto beyond_if;
Lines 336-342 Link Here
336	map_size = ex.a_text+ex.a_data;	336	map_size = ex.a_text+ex.a_data;
337	#endif	337	#endif
338		338
339	error = do_brk(text_addr & PAGE_MASK, map_size);	339	error = do_brk_locked(text_addr & PAGE_MASK, map_size);
340	if (error != (text_addr & PAGE_MASK)) {	340	if (error != (text_addr & PAGE_MASK)) {
341	send_sig(SIGKILL, current, 0);	341	send_sig(SIGKILL, current, 0);
342	return error;	342	return error;
Lines 370-376 Link Here
370		370
371	if (!bprm->file->f_op->mmap\|\|((fd_offset & ~PAGE_MASK) != 0)) {	371	if (!bprm->file->f_op->mmap\|\|((fd_offset & ~PAGE_MASK) != 0)) {
372	loff_t pos = fd_offset;	372	loff_t pos = fd_offset;
373	do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);	373	do_brk_locked(N_TXTADDR(ex), ex.a_text+ex.a_data);
374	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),	374	bprm->file->f_op->read(bprm->file,(char *)N_TXTADDR(ex),
375	ex.a_text+ex.a_data, &pos);	375	ex.a_text+ex.a_data, &pos);
376	flush_icache_range((unsigned long) N_TXTADDR(ex),	376	flush_icache_range((unsigned long) N_TXTADDR(ex),
Lines 467-473 Link Here
467	error_time = jiffies;	467	error_time = jiffies;
468	}	468	}
469		469
470	do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);	470	do_brk_locked(start_addr, ex.a_text + ex.a_data + ex.a_bss);
471		471
472	file->f_op->read(file, (char *)start_addr,	472	file->f_op->read(file, (char *)start_addr,
473	ex.a_text + ex.a_data, &pos);	473	ex.a_text + ex.a_data, &pos);
Lines 491-497 Link Here
491	len = PAGE_ALIGN(ex.a_text + ex.a_data);	491	len = PAGE_ALIGN(ex.a_text + ex.a_data);
492	bss = ex.a_text + ex.a_data + ex.a_bss;	492	bss = ex.a_text + ex.a_data + ex.a_bss;
493	if (bss > len) {	493	if (bss > len) {
494	error = do_brk(start_addr + len, bss - len);	494	error = do_brk_locked(start_addr + len, bss - len);
495	retval = error;	495	retval = error;
496	if (error != start_addr + len)	496	if (error != start_addr + len)
497	goto out;	497	goto out;

Lines 85-91 Link Here

(-)linux-2.4.28.orig/fs/binfmt_elf.c (-5 / +5 lines)
85	end = ELF_PAGEALIGN(end);	85	end = ELF_PAGEALIGN(end);
86	if (end <= start)	86	if (end <= start)
87	return;	87	return;
88	do_brk(start, end - start);	88	do_brk_locked(start, end - start);
89	}	89	}
90		90
91		91
Lines 361-367 Link Here
361		361
362	/* Map the last of the bss segment */	362	/* Map the last of the bss segment */
363	if (last_bss > elf_bss)	363	if (last_bss > elf_bss)
364	do_brk(elf_bss, last_bss - elf_bss);	364	do_brk_locked(elf_bss, last_bss - elf_bss);
365		365
366	*interp_load_addr = load_addr;	366	*interp_load_addr = load_addr;
367	error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;	367	error = ((unsigned long) interp_elf_ex->e_entry) + load_addr;
Lines 398-404 Link Here
398	goto out;	398	goto out;
399	}	399	}
400		400
401	do_brk(0, text_data);	401	do_brk_locked(0, text_data);
402	if (!interpreter->f_op \|\| !interpreter->f_op->read)	402	if (!interpreter->f_op \|\| !interpreter->f_op->read)
403	goto out;	403	goto out;
404	if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)	404	if (interpreter->f_op->read(interpreter, addr, text_data, &offset) < 0)
Lines 406-412 Link Here
406	flush_icache_range((unsigned long)addr,	406	flush_icache_range((unsigned long)addr,
407	(unsigned long)addr + text_data);	407	(unsigned long)addr + text_data);
408		408
409	do_brk(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),	409	do_brk_locked(ELF_PAGESTART(text_data + ELF_MIN_ALIGN - 1),
410	interp_ex->a_bss);	410	interp_ex->a_bss);
411	elf_entry = interp_ex->a_entry;	411	elf_entry = interp_ex->a_entry;
412		412
Lines 920-926 Link Here
920	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);	920	len = ELF_PAGESTART(elf_phdata->p_filesz + elf_phdata->p_vaddr + ELF_MIN_ALIGN - 1);
921	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;	921	bss = elf_phdata->p_memsz + elf_phdata->p_vaddr;
922	if (bss > len)	922	if (bss > len)
923	do_brk(len, bss - len);	923	do_brk_locked(len, bss - len);
924	error = 0;	924	error = 0;
925		925
926	out_free_ph:	926	out_free_ph:

Lines 1116-1121 Link Here

(-)linux-2.4.28.orig/mm/mmap.c (+15 lines)
1116	return addr;	1116	return addr;
1117	}	1117	}
1118		1118
		1119	/* locking version of do_brk. */
		1120	unsigned long do_brk_locked(unsigned long addr, unsigned long len)
		1121	{
		1122	unsigned long ret;
		1123
		1124	down_write(&current->mm->mmap_sem);
		1125	ret = do_brk(addr, len);
		1126	up_write(&current->mm->mmap_sem);
		1127
		1128	return ret;
		1129	}
		1130
		1131
		1132
		1133
1119	/* Build the RB tree corresponding to the VMA list. */	1134	/* Build the RB tree corresponding to the VMA list. */
1120	void build_mmap_rb(struct mm_struct * mm)	1135	void build_mmap_rb(struct mm_struct * mm)
1121	{	1136	{