From: Greg Kroah-Hartman Date: Sun, 18 Nov 2012 07:56:58 +0000 (-0800) Subject: 3.0-stable patches X-Git-Tag: v3.0.53~35 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0b2e8163b1e52d1b06dd51aafa741ff959e77792;p=thirdparty%2Fkernel%2Fstable-queue.git 3.0-stable patches added patches: mm-bugfix-set-current-reclaim_state-to-null-while-returning-from-kswapd.patch --- diff --git a/queue-3.0/mm-bugfix-set-current-reclaim_state-to-null-while-returning-from-kswapd.patch b/queue-3.0/mm-bugfix-set-current-reclaim_state-to-null-while-returning-from-kswapd.patch new file mode 100644 index 00000000000..be6103c13cc --- /dev/null +++ b/queue-3.0/mm-bugfix-set-current-reclaim_state-to-null-while-returning-from-kswapd.patch @@ -0,0 +1,38 @@ +From b0a8cc58e6b9aaae3045752059e5e6260c0b94bc Mon Sep 17 00:00:00 2001 +From: Takamori Yamaguchi +Date: Thu, 8 Nov 2012 15:53:39 -0800 +Subject: mm: bugfix: set current->reclaim_state to NULL while returning from kswapd() + +From: Takamori Yamaguchi + +commit b0a8cc58e6b9aaae3045752059e5e6260c0b94bc upstream. + +In kswapd(), set current->reclaim_state to NULL before returning, as +current->reclaim_state holds reference to variable on kswapd()'s stack. + +In rare cases, while returning from kswapd() during memory offlining, +__free_slab() and freepages() can access the dangling pointer of +current->reclaim_state. + +Signed-off-by: Takamori Yamaguchi +Signed-off-by: Aaditya Kumar +Acked-by: David Rientjes +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + mm/vmscan.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/mm/vmscan.c ++++ b/mm/vmscan.c +@@ -2977,6 +2977,8 @@ static int kswapd(void *p) + &balanced_classzone_idx); + } + } ++ ++ current->reclaim_state = NULL; + return 0; + } + diff --git a/queue-3.0/series b/queue-3.0/series new file mode 100644 index 00000000000..32b3a24649b --- /dev/null +++ b/queue-3.0/series 
@@ -0,0 +1 @@ +mm-bugfix-set-current-reclaim_state-to-null-while-returning-from-kswapd.patch
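Review bot: the added `current->reclaim_state = NULL;` just before `return 0;` at the end of kswapd() in mm/vmscan.c has no comment, so the reason for the store exists only in the changelog. The commit message says current->reclaim_state holds a reference to a variable on kswapd()'s stack and that __free_slab() and freepages() can reach it while kswapd() returns during memory offlining. A one-line comment above the assignment, for example `/* reclaim_state points at a local of this function; clear it before returning */`, would keep a later cleanup from dropping the line as a redundant write. The hunk shows only this one return path; if kswapd() can return anywhere else, the same clearing is needed there too.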