From 2be89b96bcd690479dc1b454101611c93c342183 Mon Sep 17 00:00:00 2001 From: Chris Wright Date: Mon, 27 Feb 2006 13:08:26 -0800 Subject: [PATCH] Add XFS ftruncate fix, from Mike O'Connor --- queue/series | 1 + ...truncate-bug-could-expose-stale-data.patch | 27 +++++++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 queue/xfs-ftruncate-bug-could-expose-stale-data.patch diff --git a/queue/series b/queue/series index b2d484be164..c2e04304b33 100644 --- a/queue/series +++ b/queue/series @@ -34,3 +34,4 @@ x86_64-check-for-bad-elf-entry-address.patch fix-a-severe-bug.patch sd-fix-memory-corruption-with-broken-mode-page-headers.patch sbp2-fix-another-deadlock-after-disconnection.patch +xfs-ftruncate-bug-could-expose-stale-data.patch diff --git a/queue/xfs-ftruncate-bug-could-expose-stale-data.patch b/queue/xfs-ftruncate-bug-could-expose-stale-data.patch new file mode 100644 index 00000000000..cface3ced29 --- /dev/null +++ b/queue/xfs-ftruncate-bug-could-expose-stale-data.patch @@ -0,0 +1,27 @@ +From vendor-sec-admin@lst.de Tue Feb 14 21:23:39 2006 +Date: Wed, 15 Feb 2006 00:17:24 -0500 (EST) +From: "Mike O'Connor" +To: +Subject: [PATCH] XFS ftruncate() bug could expose stale data (CVE-2006-0554) + +This is CVE-2006-0554 and SGI bug 942658. With certain types of +ftruncate() activity on 2.6 kernels, XFS can end up exposing stale +data off disk to a user, putting extents where holes should be. + +Signed-off-by: Chris Wright +--- + + fs/xfs/linux-2.6/xfs_aops.c | 2 +- + 1 files changed, 1 insertion(+), 1 deletion(-) + +--- linux-2.6.15.4.orig/fs/xfs/linux-2.6/xfs_aops.c ++++ linux-2.6.15.4/fs/xfs/linux-2.6/xfs_aops.c +@@ -385,7 +385,7 @@ xfs_probe_unmapped_cluster( + + /* First sum forwards in this page */ + do { +- if (buffer_mapped(bh)) ++ if (buffer_mapped(bh) || !buffer_uptodate(bh)) + break; + total += bh->b_size; + } while ((bh = bh->b_this_page) != head); -- 2.47.3