From 0e783a3c37c024e9af1609fc528e6fb533d7bdbc Mon Sep 17 00:00:00 2001
From: Larry Woodman <lwoodman@redhat.com>
Date: Fri, 24 Sep 2010 12:04:48 -0400
Subject: [PATCH] --- yaml --- r: 210991 b: refs/heads/master c:
 5ec1055aa5632dd7a8283cdb5fa9be3c535eaa06 h: refs/heads/master i:   210989:
 bc429081c83798cd30a257380cb16c06f1cd3f9b   210987:
 98d8e006cbef2b11929a3ed3a6b8366952f58a96   210983:
 13a8696ce326fa18c9f6cb37e719e3c305d02218   210975:
 b1368f62090c25994437f29e69b23fed619336fb v: v3

---
 [refs]            | 2 +-
 trunk/mm/fremap.c | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/[refs] b/[refs]
index 3b865f6245f2..257546159a49 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 8ae09259ffe2402e956efd5a36220b6161e9ecb3
+refs/heads/master: 5ec1055aa5632dd7a8283cdb5fa9be3c535eaa06
diff --git a/trunk/mm/fremap.c b/trunk/mm/fremap.c
index 7b7f852848de..ec520c7b28df 100644
--- a/trunk/mm/fremap.c
+++ b/trunk/mm/fremap.c
@@ -141,6 +141,10 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size,
 	if (start + size <= start)
 		return err;
 
+	/* Does pgoff wrap? */
+	if (pgoff + (size >> PAGE_SHIFT) < pgoff)
+		return err;
+
 	/* Can we represent this offset inside this architecture's pte's? */
 #if PTE_FILE_MAX_BITS < BITS_PER_LONG
 	if (pgoff + (size >> PAGE_SHIFT) >= (1UL << PTE_FILE_MAX_BITS))