From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org,
torvalds@linux-foundation.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>,
akpm@linux-foundation.org, alan@lxorguk.ukuu.org.uk,
gurudas.pai@oracle.com, zach.brown@oracle.com,
joe.jin@oracle.com, pbadari@us.ibm.com
Subject: [patch 08/12] direct-io: fix error-path crashes
Date: Tue, 14 Aug 2007 00:29:29 -0700 [thread overview]
Message-ID: <20070814072929.GI15025@kroah.com> (raw)
In-Reply-To: <20070814072813.GA15025@kroah.com>
[-- Attachment #1: direct-io-fix-error-path-crashes.patch --]
[-- Type: text/plain, Size: 1161 bytes --]
-stable review patch. If anyone has any objections, please let us know.
------------------
From: Badari Pulavarty <pbadari@us.ibm.com>
Need to initialize map_bh.b_state to zero. Otherwise, in case of a faulty
user-buffer its possible to go into dio_zero_block() and submit a page by
mistake - since it checks for buffer_new().
http://marc.info/?l=linux-kernel&m=118551339032528&w=2
akpm: Linus had a (better) patch to just do a kzalloc() in there, but it got
lost. Probably this version is better for -stable anwyay.
Signed-off-by: Badari Pulavarty <pbadari@us.ibm.com>
Acked-by: Joe Jin <joe.jin@oracle.com>
Acked-by: Zach Brown <zach.brown@oracle.com>
Cc: gurudas pai <gurudas.pai@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
fs/direct-io.c | 1 +
1 file changed, 1 insertion(+)
--- a/fs/direct-io.c
+++ b/fs/direct-io.c
@@ -974,6 +974,7 @@ direct_io_worker(int rw, struct kiocb *i
dio->get_block = get_block;
dio->end_io = end_io;
dio->map_bh.b_private = NULL;
+ dio->map_bh.b_state = 0;
dio->final_block_in_bio = -1;
dio->next_block_for_io = -1;
--
next prev parent reply other threads:[~2007-08-14 7:52 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20070814072244.882283903@mini.kroah.org>
2007-08-14 7:28 ` [patch 00/12] 2.6.22-stable review Greg KH
2007-08-14 7:28 ` [patch 01/12] fix oops in __audit_signal_info() Greg KH
2007-08-14 7:28 ` [patch 02/12] random: fix bound check ordering (CVE-2007-3105) Greg KH
2007-08-14 7:28 ` [patch 03/12] softmac: Fix deadlock of wx_set_essid with assoc work Greg KH
2007-08-14 7:28 ` Greg KH
2007-08-14 7:29 ` [patch 04/12] ata_piix: update map 10b for ich8m Greg KH
2007-08-14 7:29 ` [patch 05/12] PPC: Revert "Dont complain if size-cells == 0 in prom_parse()" Greg KH
2007-08-14 7:29 ` [patch 07/12] powerpc: Fix size check for hugetlbfs Greg KH
2007-08-14 7:29 ` Greg KH
2007-08-14 7:56 ` David Gibson
2007-08-14 7:56 ` David Gibson
2007-08-14 7:29 ` [patch 06/12] PPC: Revert "Add mdio to bus scan id list for platforms with QE UEC" Greg KH
2007-08-14 7:29 ` Greg KH [this message]
2007-08-14 7:29 ` [patch 12/12] CPUFREQ: ondemand: add a check to avoid negative load calculation Greg KH
2007-08-14 7:29 ` [patch 11/12] CPUFREQ: ondemand: fix tickless accounting and software coordination bug Greg KH
2007-08-14 7:29 ` [patch 10/12] pata_atiixp: add SB700 PCI ID Greg KH
2007-08-14 7:29 ` [patch 09/12] stifb: detect cards in double buffer mode more reliably Greg KH
2007-08-14 16:13 ` [patch 00/12] 2.6.22-stable review Prakash Punnoor
2007-08-14 16:04 ` Greg KH
2007-08-14 17:02 ` Prakash Punnoor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070814072929.GI15025@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=gurudas.pai@oracle.com \
--cc=jmforbes@linuxtx.org \
--cc=joe.jin@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=pbadari@us.ibm.com \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zach.brown@oracle.com \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.