From 24cdbe3d69763708dcd156edfbe7aa8d00bab860 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20H=C3=B8gsberg?= <krh@bitplanet.net>
Date: Mon, 7 Apr 2014 14:42:20 -0700
Subject: [PATCH] shm: Disallow shrinking shm pools

Unused shm space will be automatically reclaimed if unused or can be
explicitly returned by using fallocate FALLOC_FL_PUNCH_HOLE.

https://bugs.freedesktop.org/show_bug.cgi?id=74632
---
 protocol/wayland.xml |  3 ++-
 src/wayland-shm.c    | 10 ++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/protocol/wayland.xml b/protocol/wayland.xml
index db1b349..330f8ab 100644
--- a/protocol/wayland.xml
+++ b/protocol/wayland.xml
@@ -246,7 +246,8 @@
       <description summary="change the size of the pool mapping">
 	This request will cause the server to remap the backing memory
 	for the pool from the file descriptor passed when the pool was
-	created, but using the new size.
+	created, but using the new size.  This request can only be
+	used to make the pool bigger.
       </description>
 
       <arg name="size" type="int"/>
diff --git a/src/wayland-shm.c b/src/wayland-shm.c
index ee1c8e6..3fce678 100644
--- a/src/wayland-shm.c
+++ b/src/wayland-shm.c
@@ -50,7 +50,7 @@ struct wl_shm_pool {
 	struct wl_resource *resource;
 	int refcount;
 	char *data;
-	int size;
+	int32_t size;
 };
 
 struct wl_shm_buffer {
@@ -195,8 +195,14 @@ shm_pool_resize(struct wl_client *client, struct wl_resource *resource,
 	struct wl_shm_pool *pool = wl_resource_get_user_data(resource);
 	void *data;
 
-	data = mremap(pool->data, pool->size, size, MREMAP_MAYMOVE);
+	if (size < pool->size) {
+		wl_resource_post_error(resource,
+				       WL_SHM_ERROR_INVALID_FD,
+				       "shrinking pool invalid");
+		return;
+	}
 
+	data = mremap(pool->data, pool->size, size, MREMAP_MAYMOVE);
 	if (data == MAP_FAILED) {
 		wl_resource_post_error(resource,
 				       WL_SHM_ERROR_INVALID_FD,