TononixOS/ubports_kernel_google_msm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
943bf197fc9af24f3b4ed45a80646f7b51fbd2b8
ubports_kernel_google_msm/mm
History
Andy Lutomirski 6e153e476e mm: Hold a file reference in madvise_remove 
commit 9ab4233dd08036fe34a89c7dc6f47a8bf2eb29eb upstream.

Otherwise the code races with munmap (causing a use-after-free
of the vma) or with close (causing a use-after-free of the struct
file).

The bug was introduced by commit 90ed52ebe4 ("[PATCH] holepunch: fix
mmap_sem i_mutex deadlock")

Cc: Hugh Dickins <hugh@veritas.com>
Cc: Miklos Szeredi <mszeredi@suse.cz>
Cc: Badari Pulavarty <pbadari@us.ibm.com>
Cc: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[bwh: Backported to 3.2:
 - Adjust context
 - madvise_remove() calls vmtruncate_range(), not do_fallocate()]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-03-15 17:09:29 -07:00
..
backing-dev.c
bdi: use deferable timer for sync_supers task
2013-02-27 18:16:50 -08:00
bootmem.c
bootmem/sparsemem: remove limit constraint in alloc_bootmem_section
2012-03-21 17:54:58 -07:00
bounce.c
mm: remove the second argument of k[un]map_atomic()
2012-03-20 21:48:27 +08:00
cleancache.c
mm: cleancache: Use __read_mostly as appropiate.
2012-01-23 16:08:09 -05:00
compaction.c
cma: fix watermark checking
2013-03-15 17:06:38 -07:00
debug-pagealloc.c
dmapool.c
fadvise.c
fadvise: only initiate writeback for specified range with FADV_DONTNEED
2012-01-10 16:30:43 -08:00
failslab.c
switch debugfs to umode_t
2012-01-03 22:54:56 -05:00
filemap_xip.c
mm/filemap_xip.c: fix race condition in xip_file_fault()
2012-02-03 16:16:41 -08:00
filemap.c
mm: Don't use CMA pages for writes
2013-03-07 15:23:35 -08:00
fremap.c
highmem.c
huge_memory.c
thp: optimize away unnecessary page table locking
2012-03-21 17:54:57 -07:00
hugetlb.c
hugetlb: prevent BUG_ON in hugetlb_fault() -> hugetlb_cow()
2012-05-10 15:06:44 -07:00
hwpoison-inject.c
HWPOISON: Clean up memory_failure() vs. __memory_failure()
2012-01-03 12:06:32 -08:00
init-mm.c
internal.h
cma: fix watermark checking
2013-03-15 17:06:38 -07:00
Kconfig
mm: mmzone: MIGRATE_CMA migration type added
2013-02-27 18:14:01 -08:00
Kconfig.debug
mm: more intensive memory corruption debugging
2012-01-10 16:30:42 -08:00
kmemcheck.c
kmemleak-test.c
kmemleak.c
kmemleak: Disable early logging when kmemleak is off by default
2012-01-20 16:57:05 +00:00
ksm.c
ksm: cleanup: introduce find_mergeable_vma()
2012-03-21 17:54:59 -07:00
maccess.c
madvise.c
mm: Hold a file reference in madvise_remove
2013-03-15 17:09:29 -07:00
Makefile
mm: compaction: export some of the functions
2013-02-27 18:13:58 -08:00
memblock.c
memblock: Add memblock_overlaps_memory()
2013-02-20 02:43:56 -08:00
memcontrol.c
memcg,thp: fix res_counter:96 regression
2012-05-19 10:10:27 -07:00
memory_hotplug.c
mm: page_isolation: MIGRATE_CMA isolation functions added
2013-02-27 18:14:02 -08:00
memory-failure.c
mm: page_isolation: MIGRATE_CMA isolation functions added
2013-02-27 18:14:02 -08:00
memory.c
mm: Use correct define for CMA features
2013-03-07 15:23:58 -08:00
mempolicy.c
mm: fix NULL ptr dereference in migrate_pages
2012-04-25 21:26:34 -07:00
mempool.c
mempool: fix first round failure behavior
2012-01-10 16:30:45 -08:00
migrate.c
mm: fix NULL ptr dereference in move_pages
2012-04-25 21:26:34 -07:00
mincore.c
mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode
2012-03-21 17:54:54 -07:00
mlock.c
vm: avoid using find_vma_prev() unnecessarily
2012-03-06 18:23:36 -08:00
mm_init.c
mmap.c
kill mm argument of vm_munmap()
2012-04-21 01:58:20 -04:00
mmu_context.c
mm, counters: remove task argument to sync_mm_rss() and __sync_task_rss_stat()
2012-03-21 17:54:59 -07:00
mmu_notifier.c
mmzone.c
mprotect.c
Merge branch 'akpm' (Andrew's patch-bomb)
2012-03-22 09:04:48 -07:00
mremap.c
mm: collapse security_vm_enough_memory() variants into a single function
2012-02-14 10:45:39 +11:00
msync.c
nobootmem.c
mm: nobootmem: fix sign extend problem in __free_pages_memory()
2012-05-10 15:06:44 -07:00
nommu.c
kill mm argument of vm_munmap()
2012-04-21 01:58:20 -04:00
oom_kill.c
signal: oom_kill_task: use SEND_SIG_FORCED instead of force_sig()
2012-03-23 16:58:41 -07:00
page_alloc.c
cma: redirect page allocation to CMA
2013-03-15 17:08:42 -07:00
page_cgroup.c
page_cgroup: fix horrid swap accounting regression
2012-03-06 08:18:23 -08:00
page_io.c
page_isolation.c
mm: page_isolation: MIGRATE_CMA isolation functions added
2013-02-27 18:14:02 -08:00
page-writeback.c
Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
2012-03-28 10:02:55 -07:00
pagewalk.c
mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode
2012-03-21 17:54:54 -07:00
percpu-km.c
percpu-vm.c
percpu: use bitmap_clear
2012-01-20 09:23:16 -08:00
percpu.c
kmemleak: Fix the kmemleak tracking of the percpu areas with !SMP
2012-05-09 10:13:29 -07:00
pgtable-generic.c
thp: add HPAGE_PMD_* definitions for !CONFIG_TRANSPARENT_HUGEPAGE
2012-03-21 17:55:02 -07:00
prio_tree.c
process_vm_access.c
Fix race in process_vm_rw_core
2012-02-02 12:55:17 -08:00
quicklist.c
readahead.c
rmap.c
memcg: use new logic for page stat accounting
2012-03-21 17:55:01 -07:00
shmem.c
ashmem: Add shmem_set_file to mm/shmem.c
2012-04-09 13:53:14 -07:00
slab.c
Merge branch 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux
2012-03-28 15:04:26 -07:00
slob.c
slub.c
slub: fix a memory leak in get_partial_node()
2013-03-15 17:09:26 -07:00
sparse-vmemmap.c
sparse.c
msm: mm: Fix errors when turning on SPARSEMEM
2013-02-20 02:43:57 -08:00
swap_state.c
mm: fix s390 BUG by __set_page_dirty_no_writeback on swap
2012-04-23 18:19:22 -07:00
swap.c
mm: drain percpu lru add/rotate page-vectors on cpu hot-unplug
2012-03-21 17:54:58 -07:00
swapfile.c
swapon: check validity of swap_flags
2012-03-28 17:14:35 -07:00
thrash.c
truncate.c
mm for fs: add truncate_pagecache_range()
2012-03-28 17:14:35 -07:00
util.c
procfs: mark thread stack correctly in proc/<pid>/maps
2012-03-21 17:54:58 -07:00
vmalloc.c
mm: fix faulty initialization in vmalloc_init()
2013-02-20 02:43:59 -08:00
vmscan.c
mm: fix up the vmscan stat in vmstat
2012-04-25 21:26:33 -07:00
vmstat.c
mm: make counts of CMA free pages correct
2013-03-07 15:23:58 -08:00