From: Gordon Jin <gordon.jin@intel.com>

This patch fixes a corner case in sys_mprotect(): 

Case: len is so large that will overflow to 0 after page alignment.  E.g. 
len=(size_t)(-1), i.e.  0xff...ff.

Expected result: POSIX spec says it should return -ENOMEM.

Current result: len is aligned to 0, then treated the same as len=0 and
return success.

Signed-off-by: Andrew Morton <akpm@osdl.org>
---

 25-akpm/mm/mprotect.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff -puN mm/mprotect.c~fix-mprotect-with-len=size_t-1-to-return-enomem mm/mprotect.c
--- 25/mm/mprotect.c~fix-mprotect-with-len=size_t-1-to-return-enomem	2005-03-14 18:18:11.000000000 -0800
+++ 25-akpm/mm/mprotect.c	2005-03-14 18:18:11.000000000 -0800
@@ -189,14 +189,14 @@ sys_mprotect(unsigned long start, size_t
 
 	if (start & ~PAGE_MASK)
 		return -EINVAL;
+	if (!len)
+		return 0;
 	len = PAGE_ALIGN(len);
 	end = start + len;
-	if (end < start)
+	if (end <= start)
 		return -ENOMEM;
 	if (prot & ~(PROT_READ | PROT_WRITE | PROT_EXEC | PROT_SEM))
 		return -EINVAL;
-	if (end == start)
-		return 0;
 
 	reqprot = prot;
 	/*
_