[PATCH] broken fault_in_pages_readable call in generic_file_buffered_write() fault_in_pages_readable() is being passed an incorrect `end' address, which can result in writes accidentally faulting in pages which will not be affected by the write() call. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: a51171816826b074828fa96cb6ef60fc3b13631a [log] [tgz]
author: Martin Schwidefsky <schwidefsky@de.ibm.com> Mon Jun 06 13:35:54 2005 -0700
committer: Linus Torvalds <torvalds@ppc970.osdl.org> Mon Jun 06 14:42:23 2005 -0700
tree: e3c6f7a9852d45e9fdec75d7c71548ba404625e7
parent: 7cef5677ef3a8084f2588ce0a129dc95d65161f6 [diff] [blame]
diff --git a/mm/filemap.c b/mm/filemap.c
index 1d33fec..4a2fee2 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c

@@ -1968,6 +1968,7 @@
 	do {
 		unsigned long index;
 		unsigned long offset;
+		unsigned long maxlen;
 		size_t copied;
 
 		offset = (pos & (PAGE_CACHE_SIZE -1)); /* Within page */
@@ -1982,7 +1983,10 @@
 		 * same page as we're writing to, without it being marked
 		 * up-to-date.
 		 */
-		fault_in_pages_readable(buf, bytes);
+		maxlen = cur_iov->iov_len - iov_base;
+		if (maxlen > bytes)
+			maxlen = bytes;
+		fault_in_pages_readable(buf, maxlen);
 
 		page = __grab_cache_page(mapping,index,&cached_page,&lru_pvec);
 		if (!page) {
@@ -2024,6 +2028,8 @@
 					filemap_set_next_iovec(&cur_iov,
 							&iov_base, status);
 					buf = cur_iov->iov_base + iov_base;
+				} else {
+					iov_base += status;
 				}
 			}
 		}
commit	a51171816826b074828fa96cb6ef60fc3b13631a	[log] [tgz]
author	Martin Schwidefsky <schwidefsky@de.ibm.com>	Mon Jun 06 13:35:54 2005 -0700
committer	Linus Torvalds <torvalds@ppc970.osdl.org>	Mon Jun 06 14:42:23 2005 -0700
tree	e3c6f7a9852d45e9fdec75d7c71548ba404625e7
parent	7cef5677ef3a8084f2588ce0a129dc95d65161f6 [diff] [blame]