Add XFS ftruncate fix, from Mike O'Connor

diff --git a/queue/series b/queue/series
index b2d484be1640163ddec295b1d67980ffcbbd7604..c2e04304b336de2e142708c469a047cd87f0eab7 100644 (file)
--- a/queue/series
+++ b/queue/series
@@ -34,3 +34,4 @@ x86_64-check-for-bad-elf-entry-address.patch
 fix-a-severe-bug.patch
 sd-fix-memory-corruption-with-broken-mode-page-headers.patch
 sbp2-fix-another-deadlock-after-disconnection.patch
+xfs-ftruncate-bug-could-expose-stale-data.patch

diff --git a/queue/xfs-ftruncate-bug-could-expose-stale-data.patch b/queue/xfs-ftruncate-bug-could-expose-stale-data.patch
new file mode 100644 (file)
index 0000000..cface3c
--- /dev/null
+++ b/queue/xfs-ftruncate-bug-could-expose-stale-data.patch
@@ -0,0 +1,27 @@
+From vendor-sec-admin@lst.de  Tue Feb 14 21:23:39 2006
+Date: Wed, 15 Feb 2006 00:17:24 -0500 (EST)
+From: "Mike O'Connor" <mjo@dojo.mi.org>
+To: 
+Subject: [PATCH] XFS ftruncate() bug could expose stale data (CVE-2006-0554)
+
+This is CVE-2006-0554 and SGI bug 942658.  With certain types of
+ftruncate() activity on 2.6 kernels, XFS can end up exposing stale
+data off disk to a user, putting extents where holes should be.  
+
+Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+---
+
+ fs/xfs/linux-2.6/xfs_aops.c |    2 +-
+ 1 files changed, 1 insertion(+), 1 deletion(-)
+
+--- linux-2.6.15.4.orig/fs/xfs/linux-2.6/xfs_aops.c
++++ linux-2.6.15.4/fs/xfs/linux-2.6/xfs_aops.c
+@@ -385,7 +385,7 @@ xfs_probe_unmapped_cluster(
+ 
+       /* First sum forwards in this page */
+       do {
+-              if (buffer_mapped(bh))
++              if (buffer_mapped(bh) || !buffer_uptodate(bh))
+                       break;
+               total += bh->b_size;
+       } while ((bh = bh->b_this_page) != head);