From: Liu ShuoX <shuox....@intel.com>
3.12-stable review patch. If anyone has any objections, please let me know.
===============
commit aa9a4a1edfbd3d223af01db833da2f07850bc655 upstream.
In ramoops_pstore_read, a valid prz pointer with zero size buffer will
break traverse of all persistent ram buffers. The latter buffer might be
lost.
Signed-off-by: Liu ShuoX <shuox....@intel.com>
Cc: "Zhang, Yanmin" <yanmin_zh...@linux.intel.com>
Cc: Colin Cross <ccr...@android.com>
Reviewed-by: Kees Cook <keesc...@chromium.org>
Signed-off-by: Andrew Morton <a...@linux-foundation.org>
Signed-off-by: Tony Luck <tony.l...@intel.com>
Cc: HuKeping <hukep...@huawei.com>
Signed-off-by: Jiri Slaby <jsl...@suse.cz>
---
fs/pstore/ram.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
index 36ffe55b579d..808435a9e2e1 100644
--- a/fs/pstore/ram.c
+++ b/fs/pstore/ram.c
@@ -126,12 +126,12 @@ ramoops_get_next_prz(struct persistent_ram_zone *przs[],
uint *c, uint max,
prz = przs[i];
- if (update) {
- /* Update old/shadowed buffer. */
+ /* Update old/shadowed buffer. */
+ if (update)
persistent_ram_save_old(prz);
- if (!persistent_ram_old_size(prz))
- return NULL;
- }
+
+ if (!persistent_ram_old_size(prz))
+ return NULL;
*typep = type;
*id = i;
--
2.2.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
