[PATCH] Don't map the same page too much

Refuse to install a page into a mapping if the mapping count is already
ridiculously large.

You probably cannot trigger this on 32-bit architectures, but on a
64-bit setup we should protect against it.

Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/mm/fremap.c b/mm/fremap.c
index 3235fb77c1331499c18510ceda2dd87867a73a23..ab23a0673c351cc8ed263cfcea5f280c4736bbc9 100644 (file)
--- a/mm/fremap.c
+++ b/mm/fremap.c
@@ -89,6 +89,9 @@ int install_page(struct mm_struct *mm, struct vm_area_struct *vma,
        size = (i_size_read(inode) + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT;
        if (!page->mapping || page->index >= size)
                goto err_unlock;
+       err = -ENOMEM;
+       if (page_mapcount(page) > INT_MAX/2)
+               goto err_unlock;
 
        zap_pte(mm, vma, addr, pte);