1 files changed, 47 insertions, 0 deletions

diff --git a/meta-fsl-ppc/recipes-kernel/linux/files/Fix-for-CVE-2014-5045-fs-umount-on-symlink-leak.patch b/meta-fsl-ppc/recipes-kernel/linux/files/Fix-for-CVE-2014-5045-fs-umount-on-symlink-leak.patch
new file mode 100644
index 00000000..1ae600fb
--- /dev/null
+++ b/meta-fsl-ppc/recipes-kernel/linux/files/Fix-for-CVE-2014-5045-fs-umount-on-symlink-leak.patch
@@ -0,0 +1,47 @@
+fs: umount on symlink leaks mnt count
+
+commit 295dc39d941dc2ae53d5c170365af4c9d5c16212 upstream.
+
+Currently umount on symlink blocks following umount:
+
+/vz is separate mount
+
+drwxr-xr-x.  2 root root       4096 Jul 19 01:14 testdir
+lrwxrwxrwx.  1 root root         11 Jul 19 01:16 testlink -> /vz/testdir
+umount: /vz/testlink: not mounted (expected)
+
+umount: /vz: device is busy. (unexpected)
+
+In this case mountpoint_last() gets an extra refcount on path->mnt
+
+Upstream-Status: Backport
+
+Signed-off-by: Vasily Averin <vvs@openvz.org>
+Acked-by: Ian Kent <raven@themaw.net>
+Acked-by: Jeff Layton <jlayton@primarydata.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ fs/namei.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/fs/namei.c b/fs/namei.c
+index 187cacf..c199dcc 100644
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -2280,9 +2280,10 @@ done:
+ 		goto out;
+ 	}
+ 	path->dentry = dentry;
+-	path->mnt = mntget(nd->path.mnt);
++	path->mnt = nd->path.mnt;
+ 	if (should_follow_link(dentry->d_inode, nd->flags & LOOKUP_FOLLOW))
+ 		return 1;
++	mntget(path->mnt);
+ 	follow_mount(path);
+ 	error = 0;
+ out:
+-- 
+1.9.1
+