This is a note to let you know that I've just added the patch titled libbpf: Ensure umem pointer is non-NULL before dereferencing to the 5.11-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: libbpf-ensure-umem-pointer-is-non-null-before-dereferencing.patch and it can be found in the queue-5.11 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From df662016310aa4475d7986fd726af45c8fe4f362 Mon Sep 17 00:00:00 2001 From: Ciara Loftus <ciara.loftus@xxxxxxxxx> Date: Wed, 31 Mar 2021 06:12:16 +0000 Subject: libbpf: Ensure umem pointer is non-NULL before dereferencing From: Ciara Loftus <ciara.loftus@xxxxxxxxx> commit df662016310aa4475d7986fd726af45c8fe4f362 upstream. Calls to xsk_socket__create dereference the umem to access the fill_save and comp_save pointers. Make sure the umem is non-NULL before doing this. Fixes: 2f6324a3937f ("libbpf: Support shared umems between queues and devices") Signed-off-by: Ciara Loftus <ciara.loftus@xxxxxxxxx> Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx> Acked-by: Magnus Karlsson <magnus.karlsson@xxxxxxxxx> Link: https://lore.kernel.org/bpf/20210331061218.1647-2-ciara.loftus@xxxxxxxxx Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- tools/lib/bpf/xsk.c | 3 +++ 1 file changed, 3 insertions(+) --- a/tools/lib/bpf/xsk.c +++ b/tools/lib/bpf/xsk.c @@ -944,6 +944,9 @@ int xsk_socket__create(struct xsk_socket struct xsk_ring_cons *rx, struct xsk_ring_prod *tx, const struct xsk_socket_config *usr_config) { + if (!umem) + return -EFAULT; + return xsk_socket__create_shared(xsk_ptr, ifname, queue_id, umem, rx, tx, umem->fill_save, umem->comp_save, usr_config); Patches currently in stable-queue which might be from ciara.loftus@xxxxxxxxx are queue-5.11/libbpf-only-create-rx-and-tx-xdp-rings-when-necessary.patch queue-5.11/libbpf-ensure-umem-pointer-is-non-null-before-dereferencing.patch queue-5.11/libbpf-restore-umem-state-after-socket-create-failure.patch