userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size

kernel BUG at fs/hugetlbfs/inode.c:484!
was caused by the lack of i_size check in hugetlb_mcopy_atomic_pte.

mmap() can still succeed beyond the end of the i_size after vmtruncate
zapped vmas in those ranges, but the faults must not succeed, and that

We could differentiate the retval to userland to represent a SIGBUS like
a page fault would do (vs SIGSEGV), but it doesn't seem very useful and
we'd need to pick a random retval as there's no meaningful syscall
retval that would differentiate from SIGSEGV and SIGBUS, there's just

Signed-off-by: Andrea Arcangeli <email@example.com>
Reviewed-by: Mike Kravetz <firstname.lastname@example.org>
Cc: Mike Rapoport <email@example.com>
Cc: "Dr. David Alan Gilbert" <firstname.lastname@example.org>
Signed-off-by: Andrew Morton <email@example.com>
Signed-off-by: Linus Torvalds <firstname.lastname@example.org>
1 file changed