diff options
| author | Jason Gunthorpe <jgg@nvidia.com> | 2022-12-09 15:52:17 -0400 |
|---|---|---|
| committer | Jason Gunthorpe <jgg@nvidia.com> | 2022-12-09 15:52:17 -0400 |
| commit | d69e8c63fcbbf695ff7ff2c6d26efead23cfbb3a (patch) | |
| tree | 4d714ecd331233069ab718989bb017dfd934e129 /drivers/android/binder_alloc.c | |
| parent | 6cfe7bd0dfd33033683639039b5608d6534c19eb (diff) | |
| parent | 76dcd734eca23168cb008912c0f69ff408905235 (diff) | |
Merge tag 'v6.1-rc8' into rdma.git for-next
For dependencies in following patches
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Diffstat (limited to 'drivers/android/binder_alloc.c')
| -rw-r--r-- | drivers/android/binder_alloc.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c index 1c39cfce32fa..4ad42b0f75cd 100644 --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -739,6 +739,12 @@ int binder_alloc_mmap_handler(struct binder_alloc *alloc, const char *failure_string; struct binder_buffer *buffer; + if (unlikely(vma->vm_mm != alloc->mm)) { + ret = -EINVAL; + failure_string = "invalid vma->vm_mm"; + goto err_invalid_mm; + } + mutex_lock(&binder_alloc_mmap_lock); if (alloc->buffer_size) { ret = -EBUSY; @@ -785,6 +791,7 @@ err_alloc_pages_failed: alloc->buffer_size = 0; err_already_mapped: mutex_unlock(&binder_alloc_mmap_lock); +err_invalid_mm: binder_alloc_debug(BINDER_DEBUG_USER_ERROR, "%s: %d %lx-%lx %s failed %d\n", __func__, alloc->pid, vma->vm_start, vma->vm_end, |