From: Jens Axboe <jaxboe@fusionio.com>
Date: Sun, 5 Jun 2011 04:01:13 +0000 (+0200)
Subject: cfq-iosched: fix locking around ioc->ioc_data assignment
X-Git-Tag: v3.0-rc5~35^2~6
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ab4bd22d3cce6977dc039664cc2d052e3147d662;p=pandora-kernel.git

cfq-iosched: fix locking around ioc->ioc_data assignment

Since we are modifying this RCU pointer, we need to hold
the lock protecting it around it.

This fixes a potential reuse and double free of a cfq
io_context structure. The bug has been in CFQ for a long
time, it hit very few people but those it did hit seemed
to see it a lot.

Tracked in RH bugzilla here:

https://bugzilla.redhat.com/show_bug.cgi?id=577968

Credit goes to Paul Bolle for figuring out that the issue
was around the one-hit ioc->ioc_data cache. Thanks to his
hard work the issue is now fixed.

Cc: stable@kernel.org
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
---

Reading git-diff-tree failed