From 7d83cfd4cb79070896e2121b3fc927fedecbe7c4 Mon Sep 17 00:00:00 2001
From: "H. Peter Anvin" <hpa@zytor.com>
Date: Fri, 24 Feb 2006 21:20:29 -0800
Subject: [PATCH] --- yaml --- r: 21981 b: refs/heads/master c:
 947df17cb1be4c7239280a77263c249fde1379ef h: refs/heads/master i:   21979:
 d9e2d73fa9b169e4475e4a5806f7cc53ee183bea v: v3

---
 [refs]                           | 2 +-
 trunk/arch/mips/kernel/linux32.c | 4 ++++
 trunk/arch/mips/kernel/syscall.c | 5 ++++-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/[refs] b/[refs]
index aa5b3130a229..e80d8993d15f 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: de862b488e81172d4c610945efd9f3fc7f4b84a7
+refs/heads/master: 947df17cb1be4c7239280a77263c249fde1379ef
diff --git a/trunk/arch/mips/kernel/linux32.c b/trunk/arch/mips/kernel/linux32.c
index 1e8d24823d39..013bc93688e8 100644
--- a/trunk/arch/mips/kernel/linux32.c
+++ b/trunk/arch/mips/kernel/linux32.c
@@ -106,6 +106,10 @@ sys32_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
 	unsigned long error;
 
 	error = -EINVAL;
+	if (pgoff & (~PAGE_MASK >> 12))
+		goto out;
+	pgoff >>= PAGE_SHIFT-12;
+
 	if (!(flags & MAP_ANONYMOUS)) {
 		error = -EBADF;
 		file = fget(fd);
diff --git a/trunk/arch/mips/kernel/syscall.c b/trunk/arch/mips/kernel/syscall.c
index 55f2bc09529c..2aeaa2fd4b32 100644
--- a/trunk/arch/mips/kernel/syscall.c
+++ b/trunk/arch/mips/kernel/syscall.c
@@ -162,7 +162,10 @@ asmlinkage unsigned long
 sys_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
           unsigned long flags, unsigned long fd, unsigned long pgoff)
 {
-	return do_mmap2(addr, len, prot, flags, fd, pgoff);
+	if (pgoff & (~PAGE_MASK >> 12))
+		return -EINVAL;
+
+	return do_mmap2(addr, len, prot, flags, fd, pgoff >> (PAGE_SHIFT-12));
 }
 
 save_static_function(sys_fork);