+ mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash.patch added to -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Wed, 15 Sep 2021 15:54:16 -0700

The patch titled
     Subject: mm/large system hash: avoid possible NULL deref in alloc_large_system_hash
has been added to the -mm tree.  Its filename is
     mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash.patch

This patch should soon appear at
    https://ozlabs.org/~akpm/mmots/broken-out/mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash.patch
and later at
    https://ozlabs.org/~akpm/mmotm/broken-out/mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: Eric Dumazet <edumazet@xxxxxxxxxx>
Subject: mm/large system hash: avoid possible NULL deref in alloc_large_system_hash

If __vmalloc() returned NULL, is_vm_area_hugepages(NULL) will fault if
CONFIG_HAVE_ARCH_HUGE_VMALLOC=y

Link: https://lkml.kernel.org/r/20210915212530.2321545-1-eric.dumazet@xxxxxxxxx
Fixes: 121e6f3258fe ("mm/vmalloc: hugepage vmalloc mappings")
Signed-off-by: Eric Dumazet <edumazet@xxxxxxxxxx>
Reviewed-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Nicholas Piggin <npiggin@xxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 mm/page_alloc.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/mm/page_alloc.c~mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash
+++ a/mm/page_alloc.c
@@ -8756,7 +8756,8 @@ void *__init alloc_large_system_hash(con
 		} else if (get_order(size) >= MAX_ORDER || hashdist) {
 			table = __vmalloc(size, gfp_flags);
 			virt = true;
-			huge = is_vm_area_hugepages(table);
+			if (table)
+				huge = is_vm_area_hugepages(table);
 		} else {
 			/*
 			 * If bucketsize is not a power-of-two, we may free
_

Patches currently in -mm which might be from edumazet@xxxxxxxxxx are

mm-large-system-hash-avoid-possible-null-deref-in-alloc_large_system_hash.patch







