From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-owner@vger.kernel.org>
Received: from mail.linuxfoundation.org ([140.211.169.12]:48596 "EHLO
	mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755790AbcDJRLn (ORCPT
	<rfc822;stable@vger.kernel.org>); Sun, 10 Apr 2016 13:11:43 -0400
Subject: Patch "quota: Fix possible GPF due to uninitialised pointers" has been added to the 4.5-stable tree
To: kernel@kyup.com, gregkh@linuxfoundation.org, jack@suse.cz
Cc: <stable@vger.kernel.org>, <stable-commits@vger.kernel.org>
From: <gregkh@linuxfoundation.org>
Date: Sun, 10 Apr 2016 10:11:42 -0700
Message-ID: <146030830220842@kroah.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ANSI_X3.4-1968
Content-Transfer-Encoding: 8bit
Sender: stable-owner@vger.kernel.org
List-ID: <stable.vger.kernel.org>


This is a note to let you know that I've just added the patch titled

    quota: Fix possible GPF due to uninitialised pointers

to the 4.5-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     quota-fix-possible-gpf-due-to-uninitialised-pointers.patch
and it can be found in the queue-4.5 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.


>>From ab73ef46398e2c0159f3a71de834586422d2a44a Mon Sep 17 00:00:00 2001
From: Nikolay Borisov <kernel@kyup.com>
Date: Thu, 3 Mar 2016 10:54:57 +0100
Subject: quota: Fix possible GPF due to uninitialised pointers

From: Nikolay Borisov <kernel@kyup.com>

commit ab73ef46398e2c0159f3a71de834586422d2a44a upstream.

When dqget() in __dquot_initialize() fails e.g. due to IO error,
__dquot_initialize() will pass an array of uninitialized pointers to
dqput_all() and thus can lead to deference of random data. Fix the
problem by properly initializing the array.

Signed-off-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/quota/dquot.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

--- a/fs/quota/dquot.c
+++ b/fs/quota/dquot.c
@@ -1398,7 +1398,7 @@ static int dquot_active(const struct ino
 static int __dquot_initialize(struct inode *inode, int type)
 {
 	int cnt, init_needed = 0;
-	struct dquot **dquots, *got[MAXQUOTAS];
+	struct dquot **dquots, *got[MAXQUOTAS] = {};
 	struct super_block *sb = inode->i_sb;
 	qsize_t rsv;
 	int ret = 0;
@@ -1415,7 +1415,6 @@ static int __dquot_initialize(struct ino
 		int rc;
 		struct dquot *dquot;
 
-		got[cnt] = NULL;
 		if (type != -1 && cnt != type)
 			continue;
 		/*


Patches currently in stable-queue which might be from kernel@kyup.com are

queue-4.5/quota-fix-possible-gpf-due-to-uninitialised-pointers.patch