From bf73af3760eaeef6596bfd85a25b53bdf1dfdfc8 Mon Sep 17 00:00:00 2001
From: Ben Hutchings
Date: Sun, 10 May 2015 19:07:03 +0000
Subject: path_openat(): fix double fput()
svn path=/dists/trunk/linux/; revision=22584
---
 debian/changelog | 1 +
 .../bugfix/all/path_openat-fix-double-fput.patch | 34 ++++++++++++++++++++++
 debian/patches/series | 1 +
 3 files changed, 36 insertions(+)
 create mode 100644 debian/patches/bugfix/all/path_openat-fix-double-fput.patch
diff --git a/debian/changelog b/debian/changelog
index db81f26f761c..d3c8494b9e6b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -140,6 +140,7 @@ linux (4.0.2-1~exp1) UNRELEASED; urgency=medium
 * [alpha,armel/kirkwood,hppa,ia64,mips*/{octeon,sb1-bcm91250a}] Re-enable PM
 * [armel/orion5x] Enable PM
 * [armhf] sound: Enable SND_SIMPLE_CARD as module
+ * path_openat(): fix double fput()
 [ Ian Campbell ]
 * [armhf] Enable support for Freescale SNVS RTC. (Closes: #782364)
diff --git a/debian/patches/bugfix/all/path_openat-fix-double-fput.patch b/debian/patches/bugfix/all/path_openat-fix-double-fput.patch
new file mode 100644
index 000000000000..f30ac09650e3
--- /dev/null
+++ b/debian/patches/bugfix/all/path_openat-fix-double-fput.patch
@@ -0,0 +1,34 @@
+From: Al Viro
+Date: Fri, 8 May 2015 22:53:15 -0400
+Subject: path_openat(): fix double fput()
+Origin: https://git.kernel.org/linus/f15133df088ecadd141ea1907f2c96df67c729f0
+
+path_openat() jumps to the wrong place after do_tmpfile() - it has
+already done path_cleanup() (as part of path_lookupat() called by
+do_tmpfile()), so doing that again can lead to double fput().
+
+Cc: stable@vger.kernel.org # v3.11+
+Signed-off-by: Al Viro
+---
+ fs/namei.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -3228,7 +3228,7 @@ static struct file *path_openat(int dfd,
+
+ if (unlikely(file->f_flags & __O_TMPFILE)) {
+ error = do_tmpfile(dfd, pathname, nd, flags, op, file, &opened);
+- goto out;
++ goto out2;
+ }
+
+ error = path_init(dfd, pathname->name, flags, nd);
+@@ -3258,6 +3258,7 @@ static struct file *path_openat(int dfd,
+ }
+ out:
+ path_cleanup(nd);
++out2:
+ if (!(opened & FILE_OPENED)) {
+ BUG_ON(!error);
+ put_filp(file);
diff --git a/debian/patches/series b/debian/patches/series
index 92f0dc9f1803..599720dddf63 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -65,3 +65,4 @@ debian/emmc-don-t-initialize-partitions-on-rpmb-flagged-areas.patch
 # Miscellaneous features
 features/all/efi-autoload-efi-pstore.patch
 bugfix/all/ipv4-missing-sk_nulls_node_init-in-ping_unhash.patch
+bugfix/all/path_openat-fix-double-fput.patch
-- cgit v1.2.3
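Review bot: The new `goto out2;` after `do_tmpfile()` in the first fs/namei.c hunk depends on an ownership rule that nothing in the code states. Per the patch description, `do_tmpfile()` has already run `path_cleanup()` through `path_lookupat()`, so this exit has to skip the `path_cleanup(nd)` under `out:`. Running it twice drops a file reference twice, the kind of refcount imbalance that can turn into a use-after-free on a path reachable from an `__O_TMPFILE` open, so I would record the rule at the jump, e.g. `/* do_tmpfile() already did path_cleanup() via path_lookupat(); skip it */`. The bodies of `do_tmpfile()` and `path_cleanup()` and the rest of `path_openat()` lie outside these hunks, so who owns the cleanup should be confirmed against the tree the patch is applied to.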