Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-13 09:20:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-next/mm
History
Andy Lutomirski 9ab4233dd0 mm: Hold a file reference in madvise_remove 
Otherwise the code races with munmap (causing a use-after-free
of the vma) or with close (causing a use-after-free of the struct
file).

The bug was introduced by commit 90ed52ebe481 ("[PATCH] holepunch: fix
mmap_sem i_mutex deadlock")

Cc: Hugh Dickins <hugh@veritas.com>
Cc: Miklos Szeredi <mszeredi@suse.cz>
Cc: Badari Pulavarty <pbadari@us.ibm.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: stable@vger.kernel.org
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-07-06 10:34:38 -07:00
..
backing-dev.c
backing-dev: fix wakeup timer races with bdi_unregister()
2012-02-01 16:52:49 +08:00
bootmem.c
mm/bootmem.c: cleanup on addition to bootmem data list
2012-05-29 16:22:24 -07:00
bounce.c
mm: remove the second argument of k[un]map_atomic()
2012-03-20 21:48:27 +08:00
cleancache.c
->encode_fh() API change
2012-05-29 23:28:33 -04:00
compaction.c
Revert "mm: compaction: handle incorrect MIGRATE_UNMOVABLE type pageblocks"
2012-06-03 20:05:57 -07:00
debug-pagealloc.c
mm, x86: Remove debug_pagealloc_enabled
2011-12-06 09:24:07 +01:00
dmapool.c
mm: fix implicit stat.h usage in dmapool.c
2011-10-31 09:20:12 -04:00
fadvise.c
fadvise: only initiate writeback for specified range with FADV_DONTNEED
2012-01-10 16:30:43 -08:00
failslab.c
switch debugfs to umode_t
2012-01-03 22:54:56 -05:00
filemap_xip.c
fs: introduce inode operation ->update_time
2012-06-01 12:07:25 -04:00
filemap.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2012-06-01 10:34:35 -07:00
fremap.c
mm: delete various needless include <linux/module.h>
2011-10-31 09:20:11 -04:00
frontswap.c
frontswap: s/put_page/store/g s/get_page/load
2012-05-15 11:34:08 -04:00
highmem.c
Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux
2011-11-06 19:44:47 -08:00
huge_memory.c
mm/memcg: apply add/del_page to lruvec
2012-05-29 16:22:28 -07:00
hugetlb.c
mm: fix vma_resv_map() NULL pointer
2012-05-30 08:48:13 -07:00
hwpoison-inject.c
HWPOISON: Clean up memory_failure() vs. __memory_failure()
2012-01-03 12:06:32 -08:00
init-mm.c
atomic: use <linux/atomic.h>
2011-07-26 16:49:47 -07:00
internal.h
Revert "mm: compaction: handle incorrect MIGRATE_UNMOVABLE type pageblocks"
2012-06-03 20:05:57 -07:00
Kconfig
Frontswap provides a "transcendent memory" interface for swap pages.
2012-06-04 12:28:45 -07:00
Kconfig.debug
mm: more intensive memory corruption debugging
2012-01-10 16:30:42 -08:00
kmemcheck.c
kmemcheck: Fix build errors due to missing slab.h
2010-03-30 22:02:32 +09:00
kmemleak-test.c
kmemleak: remove memset by using kzalloc
2011-01-27 18:31:51 +00:00
kmemleak.c
kmemleak: Disable early logging when kmemleak is off by default
2012-01-20 16:57:05 +00:00
ksm.c
ksm: cleanup: introduce find_mergeable_vma()
2012-03-21 17:54:59 -07:00
maccess.c
mm: Map most files to use export.h instead of module.h
2011-10-31 09:20:12 -04:00
madvise.c
mm: Hold a file reference in madvise_remove
2012-07-06 10:34:38 -07:00
Makefile
Frontswap provides a "transcendent memory" interface for swap pages.
2012-06-04 12:28:45 -07:00
memblock.c
mm/memblock: fix overlapping allocation when doubling reserved array
2012-06-20 14:39:36 -07:00
memcontrol.c
mm: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
memory_hotplug.c
mm: print physical addresses consistently with other parts of kernel
2012-05-29 16:22:21 -07:00
memory-failure.c
mm/memory_failure: let the compiler add the function name
2012-05-29 16:22:18 -07:00
memory.c
mm/memory.c: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
mempolicy.c
mm, mempolicy: fix mbind() to do synchronous migration
2012-06-20 22:10:42 -07:00
mempool.c
mempool: fix first round failure behavior
2012-01-10 16:30:45 -08:00
migrate.c
mm: fix warning in __set_page_dirty_nobuffers
2012-06-03 20:05:47 -07:00
mincore.c
mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode
2012-03-21 17:54:54 -07:00
mlock.c
vm: avoid using find_vma_prev() unnecessarily
2012-03-06 18:23:36 -08:00
mm_init.c
mm: Map most files to use export.h instead of module.h
2011-10-31 09:20:12 -04:00
mmap.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2012-06-01 10:34:35 -07:00
mmu_context.c
mm, counters: remove task argument to sync_mm_rss() and __sync_task_rss_stat()
2012-03-21 17:54:59 -07:00
mmu_notifier.c
mm: Map most files to use export.h instead of module.h
2011-10-31 09:20:12 -04:00
mmzone.c
mm: add link from struct lruvec to struct zone
2012-05-29 16:22:26 -07:00
mprotect.c
Merge branch 'akpm' (Andrew's patch-bomb)
2012-03-22 09:04:48 -07:00
mremap.c
move security_mmap_addr() to saner place
2012-06-01 10:37:16 -04:00
msync.c
sanitize vfs_fsync calling conventions
2010-05-21 18:31:21 -04:00
nobootmem.c
mm: remove sparsemem allocation details from the bootmem allocator
2012-05-29 16:22:22 -07:00
nommu.c
nommu: fix compilation of nommu.c
2012-06-04 17:17:31 -04:00
oom_kill.c
mm: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
page_alloc.c
Revert "mm: compaction: handle incorrect MIGRATE_UNMOVABLE type pageblocks"
2012-06-03 20:05:57 -07:00
page_cgroup.c
mm: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
page_io.c
frontswap: s/put_page/store/g s/get_page/load
2012-05-15 11:34:08 -04:00
page_isolation.c
mm: page_isolation: MIGRATE_CMA isolation functions added
2012-05-21 15:09:33 +02:00
page-writeback.c
writeback: initialize global_dirty_limit
2012-05-06 13:41:58 +08:00
pagewalk.c
mm: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
percpu-km.c
percpu: clear memory allocated with the km allocator
2010-10-02 10:28:42 +03:00
percpu-vm.c
mm: fix kernel-doc warnings
2012-06-20 14:39:36 -07:00
percpu.c
kmemleak: Fix the kmemleak tracking of the percpu areas with !SMP
2012-05-09 10:13:29 -07:00
pgtable-generic.c
arch/tile: allow building Linux with transparent huge pages enabled
2012-05-25 12:48:21 -04:00
prio_tree.c
sanitize <linux/prefetch.h> usage
2011-05-20 12:50:29 -07:00
process_vm_access.c
aio/vfs: cleanup of rw_copy_check_uvector() and compat_rw_copy_check_uvector()
2012-05-31 17:49:32 -07:00
quicklist.c
mm: delete various needless include <linux/module.h>
2011-10-31 09:20:11 -04:00
readahead.c
mm: move readahead syscall to mm/readahead.c
2012-05-29 16:22:23 -07:00
rmap.c
mm: remove swap token code
2012-05-29 16:22:19 -07:00
shmem.c
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
2012-07-03 15:45:10 -07:00
slab.c
Merge branch 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux
2012-03-28 15:04:26 -07:00
slob.c
mm: Map most files to use export.h instead of module.h
2011-10-31 09:20:12 -04:00
slub.c
Merge branch 'slab/for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/penberg/linux
2012-06-01 16:50:23 -07:00
sparse-vmemmap.c
mm: delete various needless include <linux/module.h>
2011-10-31 09:20:11 -04:00
sparse.c
mm: remove sparsemem allocation details from the bootmem allocator
2012-05-29 16:22:22 -07:00
swap_state.c
mm: fix s390 BUG by __set_page_dirty_no_writeback on swap
2012-04-23 18:19:22 -07:00
swap.c
mm/memcg: apply add/del_page to lruvec
2012-05-29 16:22:28 -07:00
swapfile.c
swap: fix shmem swapping when more than 8 areas
2012-06-15 21:48:14 -07:00
truncate.c
mm/fs: remove truncate_range
2012-05-29 16:22:23 -07:00
util.c
new helper: vm_mmap_pgoff()
2012-06-01 10:37:18 -04:00
vmalloc.c
mm: fix faulty initialization in vmalloc_init()
2012-05-29 16:22:24 -07:00
vmscan.c
mm/memcg: apply add/del_page to lruvec
2012-05-29 16:22:28 -07:00
vmstat.c
mm/vmstat.c: remove debug fs entries on failure of file creation and made extfrag_debug_root dentry local
2012-05-29 16:22:19 -07:00