Description of problem: Alexey Dobriyan reported that it is possible to crash a machine by running ftest03 from the LTP test suite (20080630). The iov_iter_advance() function would look at the iov->iov_len entry even though it might have iterated over the whole array, and iov was pointing past the end. This would cause DEBUG_PAGEALLOC to trigger a kernel page fault if the allocation was at the end of a page, and the next page was unallocated. http://lkml.org/lkml/2008/7/30/446
Proposed upstream patch: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=94ad374a0751f40d25e22e036c37f7263569d24c
Created attachment 313297 [details] LTP testsuite package 20080630
Created attachment 313298 [details] Proposed backported patch for MRG kernel
This was addressed via: MRG Realtime for RHEL 5 Server (RHSA-2008:0857)