[PATCH 1/3] Fix /proc/pid/pagemap return length calculation

[PATCH 1/3] Fix /proc/pid/pagemap return length calculation

[Dave Boutcher]

/proc/pid/pagemap has a header (usually 8 bytes) the length
of which needs to be compensated for when converting from
proc file offset to page number.  The calculation of the
starting page number (svpfn) compensates for this, but the
calculation of the ending page number (evpfn) does not, resulting
in reads returning 8 bytes more than were asked for.

Signed-off-by: Dave Boutcher <boutcher@cs.umn.edu>
---
 fs/proc/task_mmu.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 4594f15..b2baeab 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -627,7 +627,7 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
 	addr = PAGE_SIZE * svpfn;
 	if ((svpfn + 1) * sizeof(unsigned long) != src)
 		goto out;
-	evpfn = min((src + count) / sizeof(unsigned long),
+	evpfn = min((src + count) / sizeof(unsigned long) - 1,
 		    ((~0UL) >> PAGE_SHIFT) + 1);
 	count = (evpfn - svpfn) * sizeof(unsigned long);
 	end = PAGE_SIZE * evpfn;
-- 
1.4.4.2

[PATCH 2/3] Fix /proc/pid/pagemap header copy to userspace

[Dave Boutcher]

Earlier code relied on a broken length calculation copy
/proc/pid/pagemap header data to userspace.  This fix
correctly calls the add_to_pagemap routine after the header data is
set to copy results to userspace in a sane fashion.

Signed-off-by: Dave Boutcher <boutcher@cs.umn.edu>
---
 fs/proc/task_mmu.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index b2baeab..1f78cb4 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -657,11 +657,11 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
 	pm.out = buf;
 
 	if (svpfn == -1) {
-		add_to_pagemap(pm.next, 0, &pm);
 		((char *)page)[0] = (ntohl(1) != 1);
 		((char *)page)[1] = PAGE_SHIFT;
 		((char *)page)[2] = sizeof(unsigned long);
 		((char *)page)[3] = sizeof(unsigned long);
+		add_to_pagemap(pm.next, page[0], &pm);
 	}
 
 	down_read(&mm->mmap_sem);
-- 
1.4.4.2

[PATCH 3/3] Fix /proc/pid/pagemap unmapped page handling

[Dave Boutcher]

When reading /proc/pid/pagemap at an offset that
does not contain mapped pages, call pagemap_fill
to fill the buffer with -1 until either the end,
or a valid vma is encountered.

Signed-off-by: Dave Boutcher <boutcher@cs.umn.edu>
---
 fs/proc/task_mmu.c |   10 ++++++----
 1 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 1f78cb4..3978f31 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -671,10 +671,12 @@ static ssize_t pagemap_read(struct file *file, char __user *buf,
 			ret = -EIO;
 			goto out_mm;
 		}
-		vend = min(vma->vm_start - 1, end - 1) + 1;
-		ret = pagemap_fill(&pm, vend);
-		if (ret || !pm.count)
-			break;
+		if (pm.next < vma->vm_start) {
+			vend = min(vma->vm_start - 1, end - 1) + 1;
+			pagemap_fill(&pm, vend);
+			continue;
+		}
+
 		vend = min(vma->vm_end - 1, end - 1) + 1;
 		ret = walk_page_range(mm, vma->vm_start, vend,
 				      &pagemap_walk, &pm);
-- 
1.4.4.2