On Thu, Jul 9, 2015 at 2:44 PM, Oleg Nesterov <[email protected]> wrote:
> install_special_mapping(pages) expects that "pages" is the zero-
> terminated array while xol_add_vma() passes &area->page, this means
> that special_mapping_fault() can wrongly use the next member in
> xol_area (vaddr) as "struct page *".
>
> Fortunately, this area is not expandable so pgoff != 0 isn't possible
> (modulo bugs in special_mapping_vmops), but still this does not look
> good.
>
I fell for that awhile back, too, causing a bizarre HPET bug.

What zeroes pages[1]?

--Andy
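A userspace model of the mismatch discussed in this thread, added here as an example and not taken from the kernel or from either poster: a walker that expects a NULL-terminated `struct page *` array is handed the address of a single pointer member, so a nonzero offset lands on the neighbouring `vaddr`. The names `lookup`, `buggy_area`, `fixed_area`, the simplified walk and the sample address are assumptions made for illustration.

```c
#include <stdio.h>

struct page { int id; };              /* stand-in for the kernel's struct page */

/* Buggy shape: a single pointer followed by an unrelated member.
 * The union exposes the same bytes as an array so the overread is
 * well-defined here (assumes sizeof(unsigned long) == sizeof(void *)). */
union buggy_area {
    struct { struct page *page; unsigned long vaddr; } m;
    struct page *as_array[2];
};

/* Terminated shape: a two-slot array whose last slot is an explicit NULL. */
struct fixed_area {
    struct page *pages[2];
    unsigned long vaddr;
};

/* Simplified model of a fault handler walking a NULL-terminated array:
 * skip pgoff entries, stopping early at the terminator. */
static struct page *lookup(struct page **pages, unsigned long pgoff)
{
    for (; pgoff && *pages; ++pages)
        pgoff--;
    return *pages;                    /* NULL means "no page at this offset" */
}

static struct page real_page = { 1 };

static struct page *buggy_lookup(unsigned long pgoff)
{
    union buggy_area a;
    a.m.page = &real_page;
    a.m.vaddr = 0x7ffff000UL;         /* constructed sample address */
    return lookup(a.as_array, pgoff); /* equivalent to passing &area->page */
}

static struct page *fixed_lookup(unsigned long pgoff)
{
    struct fixed_area a = { { &real_page, NULL }, 0x7ffff000UL };
    return lookup(a.pages, pgoff);
}

int main(void)
{
    printf("buggy pgoff=1 -> %p\n", (void *)buggy_lookup(1));
    printf("fixed pgoff=1 -> %p\n", (void *)fixed_lookup(1));
    return 0;
}
```

With offset 0 both shapes return the real page, which is why the mismatch stays latent as long as the mapping cannot grow past one page.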

