Andrew Banman c7bde2000d mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() ... commit 5f0f2887f4 upstream. test_pages_in_a_zone() does not account for the possibility of missing sections in the given pfn range. pfn_valid_within always returns 1 when CONFIG_HOLES_IN_ZONE is not set, allowing invalid pfns from missing sections to pass the test, leading to a kernel oops. Wrap an additional pfn loop with PAGES_PER_SECTION granularity to check for missing sections before proceeding into the zone-check code. This also prevents a crash from offlining memory devices with missing sections. Despite this, it may be a good idea to keep the related patch '[PATCH 3/3] drivers: memory: prohibit offlining of memory blocks with missing sections' because missing sections in a memory block may lead to other problems not covered by the scope of this fix. Signed-off-by: Andrew Banman <abanman@sgi.com> Acked-by: Alex Thorlton <athorlton@sgi.com> Cc: Russ Anderson <rja@sgi.com> Cc: Alex Thorlton <athorlton@sgi.com> Cc: Yinghai Lu <yinghai@kernel.org> Cc: Greg KH <greg@kroah.com> Cc: Seth Jennings <sjennings@variantweb.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Ben Hutchings <ben@decadent.org.uk> (cherry picked from commit 17f6a291c9) Signed-off-by: Willy Tarreau <w@1wt.eu>		2016-01-29 22:12:58 +01:00
..
allocpercpu.c	percpu: use dynamic percpu allocator as the default percpu allocator	2009-06-24 15:13:35 +09:00
backing-dev.c	writeback: fixups for !dirty_writeback_centisecs	2012-03-17 11:14:47 +01:00
bootmem.c	kmemleak: Do not report alloc_bootmem blocks as leaks	2009-08-27 14:29:17 +01:00
bounce.c	bounce: call flush_dcache_page() after bounce_copy_vec()	2010-09-20 13:17:54 -07:00
debug-pagealloc.c	generic debug pagealloc	2009-04-01 08:59:13 -07:00
dmapool.c	dmapools: protect page_list walk in show_pools()	2009-06-30 18:56:00 -07:00
fadvise.c	readahead: introduce FMODE_RANDOM for POSIX_FADV_RANDOM	2010-03-15 08:49:37 -07:00
failslab.c	kmemtrace, mm: fix slab.h dependency problem in mm/failslab.c	2009-04-03 12:23:01 +02:00
filemap_xip.c	mm/filemap_xip.c: fix race condition in xip_file_fault()	2012-02-13 11:28:48 -08:00
filemap.c	vfs: __read_cache_page should use gfp argument rather than GFP_KERNEL	2012-01-06 15:38:01 -08:00
fremap.c	Do not account for the address space used by hugetlbfs using VM_ACCOUNT	2009-02-10 10:48:42 -08:00
highmem.c	highmem: Fix debug_kmap_atomic() to also handle KM_IRQ_PTE, KM_NMI, and KM_NMI_PTE	2009-11-10 04:15:47 +01:00
hugetlb.c	mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a fault	2015-12-06 00:49:14 +01:00
hwpoison-inject.c	HWPOISON: Add simple debugfs interface to inject hwpoison on arbitary PFNs	2009-09-16 11:50:17 +02:00
init-mm.c	mm: consolidate init_mm definition	2009-06-16 19:47:28 -07:00
internal.h	mm: fix is_mem_section_removable() page_order BUG_ON check	2010-12-09 13:26:40 -08:00
Kconfig	NOMMU: Optimise away the {dac_,}mmap_min_addr tests	2010-01-06 15:04:30 -08:00
Kconfig.debug	trivial: improve help text for mm debug config options	2009-09-21 15:14:57 +02:00
kmemcheck.c	kmemcheck: add hooks for the page allocator	2009-06-15 15:48:33 +02:00
kmemleak-test.c	percpu: clean up percpu variable definitions	2009-06-24 15:13:48 +09:00
kmemleak.c	mm: kmemleak: allow safe memory scanning during kmemleak disabling	2015-09-18 13:52:13 +02:00
ksm.c	ksm: fix NULL pointer dereference in scan_get_next_rmap_item()	2011-07-13 05:29:23 +02:00
maccess.c	[S390] maccess: add weak attribute to probe_kernel_write	2009-06-12 10:27:37 +02:00
madvise.c	mm: Hold a file reference in madvise_remove	2012-10-07 23:37:58 +02:00
Makefile	procfs: disable per-task stack usage on NOMMU	2009-09-24 17:11:24 -07:00
memcontrol.c	memcg: fix prepare migration	2010-05-12 14:57:00 -07:00
memory_hotplug.c	mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone()	2016-01-29 22:12:58 +01:00
memory-failure.c	HWPOISON: abort on failed unmap	2010-08-13 13:20:17 -07:00
memory.c	mm: avoid setting up anonymous pages into file mapping	2015-09-18 13:52:16 +02:00
mempolicy.c	mempolicy: fix a race in shared_policy_replace()	2013-06-10 11:42:30 +02:00
mempool.c	mm: remove broken 'kzalloc' mempool	2009-09-22 07:17:35 -07:00
migrate.c	migrate: don't account swapcache as shmem	2011-07-13 05:29:23 +02:00
mincore.c	mm: hugetlb: fix hugepage memory leak in mincore()	2009-12-18 14:04:29 -08:00
mlock.c	mm: try_to_unmap_cluster() should lock_page() before mlocking	2014-11-23 10:55:35 +01:00
mm_init.c	mm: mminit_loglevel cannot be __meminitdata anymore	2008-08-20 15:40:30 -07:00
mmap.c	vm: fix vm_pgoff wrap in upward expansion	2011-11-07 12:32:50 -08:00
mmu_context.c	mm: reduce atomic use on use_mm fast path	2009-09-22 07:17:42 -07:00
mmu_notifier.c	mm: mmu_notifier: fix freed page still mapped in secondary MMU	2012-10-07 23:38:17 +02:00
mmzone.c	mm: page allocator: calculate a better estimate of NR_FREE_PAGES when memory is low and kswapd is awake	2010-09-26 17:21:34 -07:00
mprotect.c	perf_events: Fix perf_counter_mmap() hook in mprotect()	2010-12-09 13:27:03 -08:00
mremap.c	mm: avoid wrapping vm_pgoff in mremap()	2011-04-14 16:53:30 -07:00
msync.c	[CVE-2009-0029] System call wrappers part 13	2009-01-14 14:15:23 +01:00
nommu.c	nommu: yield CPU while disposing VM	2010-12-09 13:27:02 -08:00
oom_kill.c	memcg: fix oom killing a child process in an other cgroup	2010-03-15 08:49:33 -07:00
page_alloc.c	mm/page_alloc.c: prevent unending loop in __alloc_pages_slowpath()	2011-06-23 15:24:02 -07:00
page_cgroup.c	memory hotplug: alloc page from other node in memory online	2009-09-22 07:17:26 -07:00
page_io.c	mm: remove file argument from swap_readpage()	2009-06-16 19:47:44 -07:00
page_isolation.c	memory hotplug: fix page_zone() calculation in test_pages_isolated()	2008-11-06 15:41:19 -08:00
page-writeback.c	writeback: fixups for !dirty_writeback_centisecs	2012-03-17 11:14:47 +01:00
pagewalk.c	mm: hugetlb: fix hugepage memory leak in walk_page_range()	2009-12-18 14:04:30 -08:00
percpu.c	percpu: fix chunk range calculation	2011-12-21 13:04:52 -08:00
prio_tree.c	spelling fixes: mm/	2007-10-20 01:27:18 +02:00
quicklist.c	cpumask: use new-style cpumask ops in mm/quicklist.	2009-09-24 09:34:52 +09:30
readahead.c	readahead: fix NULL filp dereference	2010-04-26 07:41:19 -07:00
rmap.c	mm: try_to_unmap_cluster() should lock_page() before mlocking	2014-11-23 10:55:35 +01:00
shmem_acl.c	shmfs: use 'check_acl' instead of 'permission'	2009-09-08 11:08:46 -07:00
shmem.c	tmpfs: fix use-after-free of mempolicy object	2013-06-10 11:43:09 +02:00
slab.c	slab: fix object alignment	2010-08-26 16:41:46 -07:00
slob.c	slab: remove duplicate kmem_cache_init_late() declarations	2009-08-06 11:36:25 +03:00
slub.c	mm: kmem_cache_create(): make it easier to catch NULL cache names	2009-09-22 07:17:33 -07:00
sparse-vmemmap.c	memory hotplug: alloc page from other node in memory online	2009-09-22 07:17:26 -07:00
sparse.c	memory hotplug: alloc page from other node in memory online	2009-09-22 07:17:26 -07:00
swap_state.c	mm: add_to_swap_cache() does not return -EEXIST	2009-09-22 07:17:35 -07:00
swap.c	mm: replace various uses of num_physpages by totalram_pages	2009-09-22 07:17:38 -07:00
swapfile.c	mm: fix corruption of hibernation caused by reusing swap during image saving	2010-08-13 13:20:26 -07:00
thrash.c	mm: pass mm to grab_swap_token	2009-06-23 12:50:05 -07:00
truncate.c	mm: fix invalidate_complete_page2() lock ordering	2013-06-10 11:42:30 +02:00
util.c	export __get_user_pages_fast() function	2011-12-21 13:04:54 -08:00
vmalloc.c	mm: avoid null pointer access in vm_struct via /proc/vmallocinfo	2011-11-26 09:10:36 -08:00
vmscan.c	mm: bugfix: set current->reclaim_state to NULL while returning from kswapd()	2013-06-10 11:42:29 +02:00
vmstat.c	mm: page allocator: calculate a better estimate of NR_FREE_PAGES when memory is low and kswapd is awake	2010-09-26 17:21:34 -07:00