[Trusty][CVE-2014-7822][Patch 0/1] splice: Apply generic position and size checks to each write
Luis Henriques
luis.henriques at canonical.com
Wed Feb 25 15:30:58 UTC 2015
Following this email I am sending a patch that fixes CVE-2014-7822 for
Trusty. It was cherry-picked from the stable linux-3.13.y-queue
branch.
The original upstream fix in Linus' tree is:
commit 8d0207652cbe27d1f962050737848e5ad4671958
Author: Al Viro <viro at zeniv.linux.org.uk>
Date: Sat Apr 5 04:27:08 2014 -0400
->splice_write() via ->write_iter()
However, this fix can not be applied to older kernels.
The fix for the 3.13 was based on Ben Hutchings's fix for the stable
3.2 kernel here:
https://lkml.org/lkml/2015/2/16/643
We (Kamal and me) have reviewed this patch and couldn't find out any
other splice_write implementations in the 3.13 kernel that were not
calling generic_file_splice_write. But we could be wrong :-)
Ben Hutchings (1):
splice: Apply generic position and size checks to each write
fs/ocfs2/file.c | 8 ++++++--
fs/splice.c | 8 ++++++--
2 files changed, 12 insertions(+), 4 deletions(-)
More information about the kernel-team
mailing list