From: Abhijith Das
Date: Fri, 7 May 2010 17:50:18 -0400 (EDT)
Subject: [Cluster-devel] [PATCH][GFS2] Bug 586009 - CVE-2010-1436 kernel: oops while cp from ext3 to gfs2 [rhel-6.0]
In-Reply-To: <924012423.251581273268920873.JavaMail.root@zmail05.collab.prod.int.phx2.redhat.com>
Message-ID: <568290033.251681273269018479.JavaMail.root@zmail05.collab.prod.int.phx2.redhat.com>
To: cluster-devel.redhat.com

This is the upstream/rhel6 fix for this bug. This patch differs from the
RHEL5 fix (555754) which simply writes to the 8-byte value field of the
quota. In upstream/rhel6 quota code, we're required to write the entire
quota (88 bytes) which can be split across a page boundary. We check for
such quotas, and read/write the two parts from/to the corresponding pages
holding these parts.

With this patch, I don't see the bug anymore using the reproducer in
bz 555754. I successfully ran a couple of simple tests/mounts/umounts and
it doesn't seem like this patch breaks anything else.

Resolves: rhbz#586009
Signed-off-by: Abhi Das

-------------- next part --------------
A non-text attachment was scrubbed...
Name: bz586009-try3.patch
Type: text/x-patch
Size: 4113 bytes
Desc: not available
URL:
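
The split read/write described in the message, as an added userspace model; it is not the attached patch and not GFS2 code. It assumes a 4096-byte page, and the names paged_file, first_part_len, copy_record and straddle_roundtrip_ok are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define PAGE_SZ   4096u  /* assumed page size for this model */
#define QUOTA_SZ  88u    /* full quota record size given in the message */

/* Hypothetical model: a file backed by separately allocated pages. */
struct paged_file { unsigned char (*pages)[PAGE_SZ]; size_t npages; };

/* Bytes of a len-byte record at offset loc that fit in the page holding loc. */
size_t first_part_len(size_t loc, size_t len)
{
    size_t room = PAGE_SZ - loc % PAGE_SZ;
    return len < room ? len : room;
}

/* Copy a record to (to_file=1) or from (to_file=0) the file, one page-bounded
 * piece at a time. Returns 0, or -1 if the record would run past the last page. */
int copy_record(struct paged_file *f, size_t loc, unsigned char *rec,
                size_t len, int to_file)
{
    if (len == 0 || loc > f->npages * PAGE_SZ || len > f->npages * PAGE_SZ - loc)
        return -1;
    for (size_t done = 0; done < len; ) {
        size_t pos = loc + done;
        size_t n = first_part_len(pos, len - done);
        unsigned char *p = f->pages[pos / PAGE_SZ] + pos % PAGE_SZ;
        if (to_file) memcpy(p, rec + done, n);
        else         memcpy(rec + done, p, n);
        done += n;
    }
    return 0;
}

/* Constructed case: a record starting 40 bytes before the end of page 0.
 * Returns 1 if the round trip is intact and the split is 40 + 48 bytes. */
int straddle_roundtrip_ok(void)
{
    static unsigned char pages[2][PAGE_SZ];
    struct paged_file f = { pages, 2 };
    unsigned char in[QUOTA_SZ], out[QUOTA_SZ];
    size_t loc = PAGE_SZ - 40;

    memset(pages, 0, sizeof pages);
    for (size_t i = 0; i < QUOTA_SZ; i++) in[i] = (unsigned char)(i + 1);
    if (copy_record(&f, loc, in, QUOTA_SZ, 1) || copy_record(&f, loc, out, QUOTA_SZ, 0))
        return 0;
    return memcmp(in, out, QUOTA_SZ) == 0 &&
           memcmp(&pages[0][loc], in, 40) == 0 &&
           memcmp(&pages[1][0], in + 40, 48) == 0 && pages[1][48] == 0;
}

int main(void) { return straddle_roundtrip_ok() ? 0 : 1; }
```

A single copy of all 88 bytes through a pointer into the first page would run past that page's end whenever first_part_len() returns less than the record size; the loop instead stops at the boundary and continues in the next page.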