From dfdf58a4628750e9b24f90163ba5a6ca5f76b065 Mon Sep 17 00:00:00 2001
From: Stefan Bader
Date: Tue, 20 Jun 2017 15:12:33 +0200
Subject: [PATCH] UBUNTU: SAUCE: mm: Only expand stack if guard area is hit

This was a change which happened rather late in the process. It might have some performance benefit as it avoids trying to expand the stack every time it is touched and instead checks on whether the guard area has been reached.

CVE-2017-1000364

Signed-off-by: Stefan Bader
Acked-by: Thadeu Lima de Souza Cascardo
Acked-by: Kleber Sacilotto de Souza
Signed-off-by: Stefan Bader
---
 mm/memory.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/mm/memory.c b/mm/memory.c
index fca9dc75a04d..ad7fa9be2fa0 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -2733,9 +2733,10 @@ static int do_anonymous_page(struct vm_fault *vmf)
 return VM_FAULT_SIGBUS;
 /* Check if we need to add a guard page to the stack */
- if ((vma->vm_flags & (VM_GROWSDOWN|VM_GROWSUP)) &&
- expand_stack(vma, vmf->address) < 0)
- return VM_FAULT_SIGSEGV;
+ if (stack_guard_area(vma, vmf->address)) {
+ if (expand_stack(vma, vmf->address) < 0)
+ return VM_FAULT_SIGSEGV;
+ }
 /*
 * Use pte_alloc() instead of pte_alloc_map(). We can't run
-- 
2.39.2
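Review bot: The explicit `vma->vm_flags & (VM_GROWSDOWN|VM_GROWSUP)` test is removed from this check in do_anonymous_page, so whether a non-stack VMA can still reach `expand_stack()` now depends entirely on `stack_guard_area()`, whose definition is not part of this hunk. Because this belongs to the CVE-2017-1000364 hardening, it is worth confirming that the helper returns 0 for VMAs carrying neither growth flag and that it covers both the grows-down and grows-up cases. The retained comment still speaks of adding a guard page; I would reword it to something like `/* Expand the stack only when the fault falls inside the guard area */`. The nested `if` could also be written as one condition, `if (stack_guard_area(vma, vmf->address) && expand_stack(vma, vmf->address) < 0)`. The body of do_anonymous_page starts and ends outside the hunk.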