1
0
Fork 0
alistair23-linux/drivers/block
Omar Sandoval e5313c141b loop: remove union of use_aio and ref in struct loop_cmd
When the request is completed, lo_complete_rq() checks cmd->use_aio.
However, if this is in fact an aio request, cmd->use_aio will have
already been reused as cmd->ref by lo_rw_aio*. Fix it by not using a
union. On x86_64, there's a hole after the union anyways, so this
doesn't make struct loop_cmd any bigger.

Fixes: 92d773324b ("block/loop: fix use after free")
Signed-off-by: Omar Sandoval <osandov@fb.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
2017-09-25 08:56:05 -06:00
..
aoe block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
drbd drbd: remove BIOSET_NEED_RESCUER flag from drbd_{md_,}io_bio_set 2017-08-30 08:10:02 -06:00
mtip32xx Merge branch 'nvme-4.13' of git://git.infradead.org/nvme into for-linus 2017-07-10 11:44:34 -06:00
paride block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
rsxx block: pass in queue to inflight accounting 2017-08-09 13:09:16 -06:00
xen-blkback Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
zram drivers/block/zram/zram_drv.c: convert to using memset_l 2017-09-08 18:26:48 -07:00
DAC960.c block: DAC960: shut up format-overflow warning 2017-07-29 09:00:03 -06:00
DAC960.h
Kconfig SCSI misc on 20170907 2017-09-07 21:11:05 -07:00
Makefile scsi: cciss: Drop obsolete driver 2017-08-24 22:28:57 -04:00
amiflop.c block: introduce new block status code type 2017-06-09 09:27:32 -06:00
ataflop.c block: introduce new block status code type 2017-06-09 09:27:32 -06:00
brd.c brd: fix overflow in __brd_direct_access 2017-09-25 08:56:05 -06:00
cryptoloop.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
floppy.c block: replace bi_bdev with a gendisk pointer and partitions index 2017-08-23 12:49:55 -06:00
loop.c Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
loop.h loop: remove union of use_aio and ref in struct loop_cmd 2017-09-25 08:56:05 -06:00
nbd.c nbd: ignore non-nbd ioctl's 2017-09-25 08:56:05 -06:00
null_blk.c Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
pktcdvd.c block: replace bi_bdev with a gendisk pointer and partitions index 2017-08-23 12:49:55 -06:00
ps3disk.c block: introduce new block status code type 2017-06-09 09:27:32 -06:00
ps3vram.c block/ps3vram: Check return of ps3vram_cache_init 2017-08-17 23:03:44 +10:00
rbd.c rbd: silence bogus uninitialized use warning in rbd_acquire_lock() 2017-09-06 19:56:42 +02:00
rbd_types.h rbd: RBD_V{1,2}_DATA_FORMAT macros 2017-02-20 12:16:15 +01:00
skd_main.c skd: Let the block layer core choose .nr_requests 2017-08-29 09:43:06 -06:00
skd_s1120.h skd: Use __packed only when needed 2017-08-18 08:45:29 -06:00
smart1,2.h fix typos 'comamnd' -> 'command' in comments 2011-02-02 11:31:21 +01:00
sunvdc.c sunvdc: prevent sunvdc panic when mpgroup disk added to guest domain 2017-08-09 22:22:32 -07:00
swim.c block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
swim3.c block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
swim_asm.S
sx8.c block: introduce new block status code type 2017-06-09 09:27:32 -06:00
umem.c blk: remove bio_set arg from blk_queue_split() 2017-06-18 12:40:59 -06:00
umem.h
virtio_blk.c Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
xen-blkfront.c Merge branch 'for-4.14/block' of git://git.kernel.dk/linux-block 2017-09-07 11:59:42 -07:00
xsysace.c block: don't set bounce limit in blk_init_queue 2017-06-27 12:13:45 -06:00
z2ram.c block: introduce new block status code type 2017-06-09 09:27:32 -06:00