# http://linux.bkbits.net:8080/linux-2.4/gnupatch@40575a9epBHk-c8KEyc5eYwpXn6Cgg
# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0181
# http://www.ultramonkey.org/bugs/cve/CAN-2004-0181.shtml

# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
#   2004/03/16 13:50:54-06:00 shaggy@austin.ibm.com 
#   JFS: zero new log pages, etc.
# 
# fs/jfs/jfs_logmgr.c
#   2004/03/16 13:50:52-06:00 shaggy@austin.ibm.com +1 -1
#   zero new log pages
# 
# fs/jfs/jfs_metapage.c
#   2004/03/16 13:50:52-06:00 shaggy@austin.ibm.com +4 -0
#   Zero new metadata pages
# 
# fs/jfs/super.c
#   2004/03/16 13:50:52-06:00 shaggy@austin.ibm.com +1 -1
#   zero jfs incore inode
# 
diff -Nru a/fs/jfs/jfs_logmgr.c b/fs/jfs/jfs_logmgr.c
--- a/fs/jfs/jfs_logmgr.c	2004-06-14 04:37:26 -07:00
+++ b/fs/jfs/jfs_logmgr.c	2004-06-14 04:37:26 -07:00
@@ -1697,7 +1697,7 @@
 		if (lbuf == 0)
 			goto error;
 		lbuf->l_bh.b_data = lbuf->l_ldata =
-		    (char *) __get_free_page(GFP_KERNEL);
+		    (char *) get_zeroed_page(GFP_KERNEL);
 		if (lbuf->l_ldata == 0) {
 			kfree(lbuf);
 			goto error;
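Review bot: The switch to `get_zeroed_page()` carries no comment saying why the zeroing matters, so a later cleanup could turn it back into `__get_free_page()` as a micro-optimisation. The patch header ties this change to CAN-2004-0181, which suggests these log buffers reach the disk with whatever the page previously held. A one-line comment above the allocation would record that, e.g. `/* must be zeroed: log pages are written out, stale kernel memory must not be (CAN-2004-0181) */`. As a smaller style point, `lbuf == 0` and `lbuf->l_ldata == 0` compare pointers with 0 where `NULL` would read more clearly. The enclosing loop and the `error` label are outside the hunk, so the cleanup of earlier buffers on that path cannot be checked from here.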
diff -Nru a/fs/jfs/jfs_metapage.c b/fs/jfs/jfs_metapage.c
--- a/fs/jfs/jfs_metapage.c	2004-06-14 04:37:26 -07:00
+++ b/fs/jfs/jfs_metapage.c	2004-06-14 04:37:26 -07:00
@@ -385,6 +385,10 @@
 		}
 		mp->data = kmap(mp->page) + page_offset;
 	}
+
+	if (new)
+		memset(mp->data, 0, PSIZE);
+
 	jfs_info("__get_metapage: returning = 0x%p", mp);
 	return mp;
 
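Review bot: The added `memset(mp->data, 0, PSIZE)` clears a fixed PSIZE bytes starting at `kmap(mp->page) + page_offset`, and nothing visible in the hunk shows that the returned metapage is always PSIZE long or that `page_offset + PSIZE` stays inside the mapped page. The function's signature and the code that computes `page_offset` are outside the hunk. If the function is given a length for the metapage, zeroing that length rather than the constant would keep the clear and the mapping in step. At minimum a comment such as `/* new metapage: clear stale page contents before they can be written out; assumes the metapage spans PSIZE bytes */` would state the intent and the size assumption.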
diff -Nru a/fs/jfs/super.c b/fs/jfs/super.c
--- a/fs/jfs/super.c	2004-06-14 04:37:26 -07:00
+++ b/fs/jfs/super.c	2004-06-14 04:37:26 -07:00
@@ -481,10 +481,10 @@
 
 	if ((flags & (SLAB_CTOR_VERIFY | SLAB_CTOR_CONSTRUCTOR)) ==
 	    SLAB_CTOR_CONSTRUCTOR) {
+		memset(jfs_ip, 0, sizeof(struct jfs_inode_info));
 		INIT_LIST_HEAD(&jfs_ip->anon_inode_list);
 		init_rwsem(&jfs_ip->rdwrlock);
 		init_MUTEX(&jfs_ip->commit_sem);
-		jfs_ip->atlhead = 0;
 		jfs_ip->active_ag = -1;
 	}
 }
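Review bot: The added `memset()` sits inside the `SLAB_CTOR_CONSTRUCTOR` branch, and a slab constructor runs when an object is first set up in the cache, not on every allocation, so a `jfs_inode_info` is zeroed only once per slab object. Fields left dirty when an inode is freed would still be seen by the next user unless the free or allocation path, not shown here, resets them. That is worth confirming and recording in a comment, e.g. `/* one-time zeroing; fields must be back in this state before the object is freed */`. Writing the length as `sizeof(*jfs_ip)` would also tie it to the pointer rather than to the type name. The start of the function is outside the hunk.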
