[PATCH] Fix crash when ptrace poking hugepage areas

set_page_dirty() will not cope with being handed a page * which is part of
a compound page, but not the master page in that compound page.  This case
can occur via access_process_vm() if you attemp to write to another
process's hugepage memory area using ptrace() (causing an oops or hang).

This patch fixes the bug by only calling set_page_dirty() from
access_process_vm() if the page is not a compound page.  We already use a
similar fix in bio_set_pages_dirty() for the case of direct io to
hugepages.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Acked-by: William Irwin <wli@holomorphy.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 17ee7e5..656476e 100644 (file)
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -241,7 +241,8 @@ int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, in
                if (write) {
                        copy_to_user_page(vma, page, addr,
                                          maddr + offset, buf, bytes);
-                       set_page_dirty_lock(page);
+                       if (!PageCompound(page))
+                               set_page_dirty_lock(page);
                } else {
                        copy_from_user_page(vma, page, addr,
                                            buf, maddr + offset, bytes);