This is a note to let you know that I've just added the patch titled
aio: fix potential leak in aio_run_iocb().
to the 3.14-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
aio-fix-potential-leak-in-aio_run_iocb.patch
and it can be found in the queue-3.14 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.
>From 754320d6e166d3a12cb4810a452bde00afbd4e9a Mon Sep 17 00:00:00 2001
From: Leon Yu <[email protected]>
Date: Thu, 1 May 2014 03:31:28 +0000
Subject: aio: fix potential leak in aio_run_iocb().
From: Leon Yu <[email protected]>
commit 754320d6e166d3a12cb4810a452bde00afbd4e9a upstream.
iovec should be reclaimed whenever caller of rw_copy_check_uvector() returns,
but it doesn't hold when failure happens right after aio_setup_vectored_rw().
Fix that in a such way to avoid hairy goto.
Signed-off-by: Leon Yu <[email protected]>
Signed-off-by: Benjamin LaHaise <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
fs/aio.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1299,10 +1299,8 @@ rw_common:
&iovec, compat)
: aio_setup_single_vector(req, rw, buf, &nr_segs,
iovec);
- if (ret)
- return ret;
-
- ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
+ if (!ret)
+ ret = rw_verify_area(rw, file, &req->ki_pos,
req->ki_nbytes);
if (ret < 0) {
if (iovec != &inline_vec)
kfree(iovec);
Patches currently in stable-queue which might be from [email protected] are
queue-3.14/aio-fix-potential-leak-in-aio_run_iocb.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
