kernel-ark/mm
Nick Piggin f7009264c5 iov_iter_advance() fix
iov_iter_advance() skips over zero-length iovecs, however it does not properly
terminate at the end of the iovec array.  Fix this by checking against
i->count before we skip a zero-length iov.

The bug was reproduced with a test program that continually randomly creates
iovs to writev.  The fix was also verified with the same program and also it
could verify that the correct data was contained in the file after each
writev.

Signed-off-by: Nick Piggin <npiggin@suse.de>
Tested-by: "Kevin Coffman" <kwc@citi.umich.edu>
Cc: "Alexey Dobriyan" <adobriyan@gmail.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-03-10 18:01:20 -07:00
..
allocpercpu.c alloc_percpu() fails to allocate percpu data 2008-03-04 16:35:11 -08:00
backing-dev.c
bootmem.c Introduce flags for reserve_bootmem() 2008-02-07 08:42:25 -08:00
bounce.c
dmapool.c
fadvise.c check ADVICE of fadvise64_64 even if get_xip_page is given 2008-02-05 09:44:19 -08:00
filemap_xip.c Use pgoff_t instead of unsigned long 2008-02-08 09:22:32 -08:00
filemap.c iov_iter_advance() fix 2008-03-10 18:01:20 -07:00
fremap.c sys_remap_file_pages: fix ->vm_file accounting 2008-02-05 09:44:07 -08:00
highmem.c mm: remove fastcall from mm/ 2008-02-05 09:44:18 -08:00
hugetlb.c hugetlb: correct page count for surplus huge pages 2008-03-10 18:01:19 -07:00
internal.h Solve section mismatch for free_area_init_core. 2008-02-23 17:13:24 -08:00
Kconfig
madvise.c
Makefile Memory controller: rename to Memory Resource Controller 2008-03-04 16:35:12 -08:00
memcontrol.c memcg: fix oops on NULL lru list 2008-03-04 16:35:15 -08:00
memory_hotplug.c Page allocator: clean up pcp draining functions 2008-02-05 09:44:17 -08:00
memory.c memcg: when do_swap's do_wp_page fails 2008-03-04 16:35:14 -08:00
mempolicy.c mempolicy: fix reference counting bugs 2008-03-10 18:01:19 -07:00
mempool.c
migrate.c memcg: fix VM_BUG_ON from page migration 2008-03-04 16:35:14 -08:00
mincore.c
mlock.c
mmap.c mm: special mapping nopage 2008-02-08 18:57:39 -08:00
mmzone.c
mprotect.c
mremap.c
msync.c
nommu.c nommu: add new vmalloc_user() and remap_vmalloc_range() interfaces. 2008-02-05 09:44:21 -08:00
oom_kill.c Memory controller: rename to Memory Resource Controller 2008-03-04 16:35:12 -08:00
page_alloc.c memcg: bad page if page_cgroup when free 2008-03-04 16:35:15 -08:00
page_io.c mm: fix PageUptodate data race 2008-02-05 09:44:19 -08:00
page_isolation.c
page-writeback.c writeback: speed up writeback of big dirty files 2008-02-05 09:44:19 -08:00
pagewalk.c maps4: introduce a generic page walker 2008-02-05 09:44:16 -08:00
pdflush.c
prio_tree.c
quicklist.c
readahead.c
rmap.c memcg: mm_match_cgroup not vm_match_cgroup 2008-03-04 16:35:14 -08:00
shmem_acl.c
shmem.c memcg: mem_cgroup_charge never NULL 2008-03-04 16:35:15 -08:00
slab.c slab: NUMA slab allocator migration bugfix 2008-03-06 16:21:50 -08:00
slob.c slob: reduce external fragmentation by using three free lists 2008-02-05 09:44:19 -08:00
slub.c slub: Do not cross cacheline boundaries for very small objects 2008-03-06 16:21:50 -08:00
sparse-vmemmap.c
sparse.c mm: fix section mismatch warning in sparse.c 2008-02-05 09:44:19 -08:00
swap_state.c memcgroup: revert swap_state mods 2008-02-07 08:42:20 -08:00
swap.c memcg: move_lists on page not page_cgroup 2008-03-04 16:35:14 -08:00
swapfile.c d_path: Make seq_path() use a struct path argument 2008-02-14 21:17:08 -08:00
thrash.c
tiny-shmem.c Remove unused code from mm/tiny-shmem.c 2008-02-05 09:44:17 -08:00
truncate.c docbook: fix kernel-api source files 2008-03-03 10:47:14 -08:00
util.c
vmalloc.c CONFIG_HIGHPTE vs. sub-page page tables. 2008-02-08 09:22:42 -08:00
vmscan.c memcg: move_lists on page not page_cgroup 2008-03-04 16:35:14 -08:00
vmstat.c vmstat: remove prefetch 2008-02-05 09:44:18 -08:00