The patch titled
kernel/user.c: fix freeing user_struct in user cache
has been added to the -mm tree. Its filename is
kernel-userc-fix-freeing-user_struct-in-user-cache.patch
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/SubmitChecklist when testing your code ***
See http://userweb.kernel.org/~akpm/stuff/added-to-mm.txt to find
out what to do about this
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: kernel/user.c: fix freeing user_struct in user cache
From: Hillf Danton <[email protected]>
When racing on adding into user cache, the new allocated from mm slab
is freed without putting user namespace.
Since the user namespace is already operated by getting, putting has
to be issued.
Signed-off-by: Hillf Danton <[email protected]>
Acked-by: Serge Hallyn <[email protected]>
Cc: <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---
kernel/user.c | 1 +
1 file changed, 1 insertion(+)
diff -puN kernel/user.c~kernel-userc-fix-freeing-user_struct-in-user-cache
kernel/user.c
--- a/kernel/user.c~kernel-userc-fix-freeing-user_struct-in-user-cache
+++ a/kernel/user.c
@@ -158,6 +158,7 @@ struct user_struct *alloc_uid(struct use
spin_lock_irq(&uidhash_lock);
up = uid_hash_find(uid, hashent);
if (up) {
+ put_user_ns(ns);
key_put(new->uid_keyring);
key_put(new->session_keyring);
kmem_cache_free(uid_cachep, new);
_
Patches currently in -mm which might be from [email protected] are
linux-next.patch
kernel-userc-fix-freeing-user_struct-in-user-cache.patch
_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable
