From 6dffe74223e570faaa4ea52e9f5c3e3bc04bbeb8 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 3 Jun 2014 14:44:00 -0700 Subject: [PATCH] 3.4-stable patches added patches: arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch --- ...flow-when-converting-pfn-to-physaddr.patch | 32 ++++++++++++++ ...dle-null-acl-in-posix_acl_equiv_mode.patch | 44 +++++++++++++++++++ queue-3.4/series | 2 + 3 files changed, 78 insertions(+) create mode 100644 queue-3.4/arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch create mode 100644 queue-3.4/posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch diff --git a/queue-3.4/arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch b/queue-3.4/arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch new file mode 100644 index 00000000000..d91af7fa6f1 --- /dev/null +++ b/queue-3.4/arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch @@ -0,0 +1,32 @@ +From 8fad87bca7ac9737e413ba5f1656f1114a8c314d Mon Sep 17 00:00:00 2001 +From: Liu Hua +Date: Thu, 27 Mar 2014 06:56:18 +0100 +Subject: ARM: 8012/1: kdump: Avoid overflow when converting pfn to physaddr + +From: Liu Hua + +commit 8fad87bca7ac9737e413ba5f1656f1114a8c314d upstream. + +When we configure CONFIG_ARM_LPAE=y, pfn << PAGE_SHIFT will +overflow if pfn >= 0x100000 in copy_oldmem_page. +So use __pfn_to_phys for converting. + +Signed-off-by: Liu Hua +Signed-off-by: Russell King +Signed-off-by: Greg Kroah-Hartman + +--- + arch/arm/kernel/crash_dump.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arm/kernel/crash_dump.c ++++ b/arch/arm/kernel/crash_dump.c +@@ -39,7 +39,7 @@ ssize_t copy_oldmem_page(unsigned long p + if (!csize) + return 0; + +- vaddr = ioremap(pfn << PAGE_SHIFT, PAGE_SIZE); ++ vaddr = ioremap(__pfn_to_phys(pfn), PAGE_SIZE); + if (!vaddr) + return -ENOMEM; + diff --git a/queue-3.4/posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch b/queue-3.4/posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch new file mode 100644 index 00000000000..58d97e4766d --- /dev/null +++ b/queue-3.4/posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch @@ -0,0 +1,44 @@ +From 50c6e282bdf5e8dabf8d7cf7b162545a55645fd9 Mon Sep 17 00:00:00 2001 +From: Christoph Hellwig +Date: Sun, 4 May 2014 13:03:32 +0200 +Subject: posix_acl: handle NULL ACL in posix_acl_equiv_mode + +From: Christoph Hellwig + +commit 50c6e282bdf5e8dabf8d7cf7b162545a55645fd9 upstream. + +Various filesystems don't bother checking for a NULL ACL in +posix_acl_equiv_mode, and thus can dereference a NULL pointer when it +gets passed one. This usually happens from the NFS server, as the ACL tools +never pass a NULL ACL, but instead of one representing the mode bits. + +Instead of adding boilerplat to all filesystems put this check into one place, +which will allow us to remove the check from other filesystems as well later +on. + +Signed-off-by: Christoph Hellwig +Reported-by: Ben Greear +Reported-by: Marco Munderloh , +Cc: Chuck Lever +Signed-off-by: Al Viro +Signed-off-by: Greg Kroah-Hartman + +--- + fs/posix_acl.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/fs/posix_acl.c ++++ b/fs/posix_acl.c +@@ -155,6 +155,12 @@ posix_acl_equiv_mode(const struct posix_ + umode_t mode = 0; + int not_equiv = 0; + ++ /* ++ * A null ACL can always be presented as mode bits. ++ */ ++ if (!acl) ++ return 0; ++ + FOREACH_ACL_ENTRY(pa, acl, pe) { + switch (pa->e_tag) { + case ACL_USER_OBJ: diff --git a/queue-3.4/series b/queue-3.4/series index 10eafd16c43..a45aea7b9b0 100644 --- a/queue-3.4/series +++ b/queue-3.4/series @@ -54,3 +54,5 @@ usb-storage-shuttle_usbat-fix-discs-being-detected-twice.patch usb-nokia-305-should-be-treated-as-unusual-dev.patch usb-nokia-5300-should-be-treated-as-unusual-dev.patch rt2x00-fix-beaconing-on-usb.patch +posix_acl-handle-null-acl-in-posix_acl_equiv_mode.patch +arm-8012-1-kdump-avoid-overflow-when-converting-pfn-to-physaddr.patch -- 2.47.3