[ 177/187] mm: Hold a file reference in madvise_remove

From: Greg Kroah-Hartman
Date: Thu Jul 12 2012 - 18:49:21 EST

Next message: Greg Kroah-Hartman: "[ 162/187] iwlwifi: remove log_event debugfs file debugging is disabled"
Previous message: Greg Kroah-Hartman: "[ 178/187] md/raid5: Do not add data_offset before call to is_badblock"
In reply to: Greg Kroah-Hartman: "[ 178/187] md/raid5: Do not add data_offset before call to is_badblock"
Next in thread: Greg Kroah-Hartman: "[ 162/187] iwlwifi: remove log_event debugfs file debugging is disabled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>

3.4-stable review patch. If anyone has any objections, please let me know.

------------------

From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>

commit 9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb upstream.

Otherwise the code races with munmap (causing a use-after-free
of the vma) or with close (causing a use-after-free of the struct
file).

The bug was introduced by commit 90ed52ebe481 ("[PATCH] holepunch: fix
mmap_sem i_mutex deadlock")

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[ 162/187] iwlwifi: remove log_event debugfs file debugging is disabled"
Previous message: Greg Kroah-Hartman: "[ 178/187] md/raid5: Do not add data_offset before call to is_badblock"
In reply to: Greg Kroah-Hartman: "[ 178/187] md/raid5: Do not add data_offset before call to is_badblock"
Next in thread: Greg Kroah-Hartman: "[ 162/187] iwlwifi: remove log_event debugfs file debugging is disabled"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]