Revision 7c990728b99ed6fbe9c75fc202fce1172d9916da authored by Suraj Jitindar Singh on 19 February 2020, 03:08:51 UTC, committed by Theodore Ts'o on 22 February 2020, 00:31:46 UTC
During an online resize an array of s_flex_groups structures gets replaced so it can get enlarged. If there is a concurrent access to the array and this memory has been reused then this can lead to an invalid memory access. The s_flex_group array has been converted into an array of pointers rather than an array of structures. This is to ensure that the information contained in the structures cannot get out of sync during a resize due to an accessor updating the value in the old structure after it has been copied but before the array pointer is updated. Since the structures them- selves are no longer copied but only the pointers to them this case is mitigated. Link: https://bugzilla.kernel.org/show_bug.cgi?id=206443 Link: https://lore.kernel.org/r/20200221053458.730016-4-tytso@mit.edu Signed-off-by: Suraj Jitindar Singh <surajjs@amazon.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Cc: stable@kernel.org
1 parent df3da4e
| File | Mode | Size |
|---|---|---|
| Documentation | ||
| LICENSES | ||
| arch | ||
| block | ||
| certs | ||
| crypto | ||
| drivers | ||
| fs | ||
| include | ||
| init | ||
| ipc | ||
| kernel | ||
| lib | ||
| mm | ||
| net | ||
| samples | ||
| scripts | ||
| security | ||
| sound | ||
| tools | ||
| usr | ||
| virt | ||
| .clang-format | -rw-r--r-- | 15.0 KB |
| .cocciconfig | -rw-r--r-- | 59 bytes |
| .get_maintainer.ignore | -rw-r--r-- | 71 bytes |
| .gitattributes | -rw-r--r-- | 62 bytes |
| .gitignore | -rw-r--r-- | 1.7 KB |
| .mailmap | -rw-r--r-- | 14.8 KB |
| COPYING | -rw-r--r-- | 423 bytes |
| CREDITS | -rw-r--r-- | 97.3 KB |
| Kbuild | -rw-r--r-- | 1.3 KB |
| Kconfig | -rw-r--r-- | 595 bytes |
| MAINTAINERS | -rw-r--r-- | 532.9 KB |
| Makefile | -rw-r--r-- | 58.9 KB |
| README | -rw-r--r-- | 727 bytes |
Computing file changes ...
