This is a note to let you know that I've just added the patch titled
rbd: Clear ceph_msg->bio_iter for retransmitted message
to the 3.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
0030-rbd-Clear-ceph_msg-bio_iter-for-retransmitted-messag.patch
and it can be found in the queue-3.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From da0ac672eb4e4d4dad4c1ef2d924b4ece702f947 Mon Sep 17 00:00:00 2001
From: "Yan, Zheng" <[email protected]>
Date: Wed, 6 Jun 2012 19:35:55 -0500
Subject: rbd: Clear ceph_msg->bio_iter for retransmitted message
From: "Yan, Zheng" <[email protected]>
(cherry picked from commit 43643528cce60ca184fe8197efa8e8da7c89a037)
(cherry picked from commit b132cf4c733f91bb4dd2277ea049243cf16e8b66)
The bug can cause NULL pointer dereference in write_partial_msg_pages
Signed-off-by: Zheng Yan <[email protected]>
Reviewed-by: Alex Elder <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
net/ceph/messenger.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -563,6 +563,10 @@ static void prepare_write_message(struct
m->hdr.seq = cpu_to_le64(++con->out_seq);
m->needs_out_seq = false;
}
+#ifdef CONFIG_BLOCK
+ else
+ m->bio_iter = NULL;
+#endif
dout("prepare_write_message %p seq %lld type %d len %d+%d+%d %d pgs\n",
m, con->out_seq, le16_to_cpu(m->hdr.type),
Patches currently in stable-queue which might be from [email protected] are
queue-3.4/0036-rbd-Fix-ceph_snap_context-size-calculation.patch
queue-3.4/0030-rbd-Clear-ceph_msg-bio_iter-for-retransmitted-messag.patch
queue-3.4/0037-ceph-check-PG_Private-flag-before-accessing-page-pri.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
