Patch "pstore: skip zero size persistent ram buffer in traverse" has been added to the 3.10-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    pstore: skip zero size persistent ram buffer in traverse

to the 3.10-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     pstore-skip-zero-size-persistent-ram-buffer-in-traverse.patch
and it can be found in the queue-3.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From aa9a4a1edfbd3d223af01db833da2f07850bc655 Mon Sep 17 00:00:00 2001
From: Liu ShuoX <shuox.liu@xxxxxxxxx>
Date: Mon, 17 Mar 2014 11:24:49 +1100
Subject: pstore: skip zero size persistent ram buffer in traverse

From: Liu ShuoX <shuox.liu@xxxxxxxxx>

commit aa9a4a1edfbd3d223af01db833da2f07850bc655 upstream.

In ramoops_pstore_read, a valid prz pointer with zero size buffer will
break traverse of all persistent ram buffers.  The latter buffer might be
lost.

Signed-off-by: Liu ShuoX <shuox.liu@xxxxxxxxx>
Cc: "Zhang, Yanmin" <yanmin_zhang@xxxxxxxxxxxxxxx>
Cc: Colin Cross <ccross@xxxxxxxxxxx>
Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Tony Luck <tony.luck@xxxxxxxxx>
Cc: HuKeping <hukeping@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 fs/pstore/ram.c |   10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

--- a/fs/pstore/ram.c
+++ b/fs/pstore/ram.c
@@ -126,12 +126,12 @@ ramoops_get_next_prz(struct persistent_r
 
 	prz = przs[i];
 
-	if (update) {
-		/* Update old/shadowed buffer. */
+	/* Update old/shadowed buffer. */
+	if (update)
 		persistent_ram_save_old(prz);
-		if (!persistent_ram_old_size(prz))
-			return NULL;
-	}
+
+	if (!persistent_ram_old_size(prz))
+		return NULL;
 
 	*typep = type;
 	*id = i;


Patches currently in stable-queue which might be from shuox.liu@xxxxxxxxx are

queue-3.10/pstore-fix-null-pointer-fault-if-get-null-prz-in-ramoops_get_next_prz.patch
queue-3.10/pstore-clarify-clearing-of-_read_cnt-in-ramoops_context.patch
queue-3.10/pstore-skip-zero-size-persistent-ram-buffer-in-traverse.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]