From: Ma Wupeng <mawupeng1@huawei.com>

Return -EINVAL if len overflows for set_mempolicy_home_node.

Signed-off-by: Ma Wupeng <mawupeng1@huawei.com>
---
 mm/mempolicy.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 02c8a712282f..153fda1ebb9c 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1488,6 +1488,7 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le
 		unsigned long, home_node, unsigned long, flags)
 {
 	struct mm_struct *mm = current->mm;
+	unsigned long old_len = len;
 	struct vm_area_struct *vma;
 	struct mempolicy *new;
 	unsigned long vmstart;
@@ -1515,7 +1516,7 @@ SYSCALL_DEFINE4(set_mempolicy_home_node, unsigned long, start, unsigned long, le
 	len = PAGE_ALIGN(len);
 	end = start + len;
 
-	if (end < start)
+	if (end < start || (old_len != 0 && len == 0))
 		return -EINVAL;
 	if (end == start)
 		return 0;
-- 
2.25.1