This is a note to let you know that I've just added the patch titled dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter to the 6.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: dm-verity-loadpin-add-null-pointer-check-for-bdev-parameter.patch and it can be found in the queue-6.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 47f04616f2c9b2f4f0c9127e30ca515a078db591 Mon Sep 17 00:00:00 2001 From: Matthias Kaehlcke <mka@xxxxxxxxxxxx> Date: Tue, 27 Jun 2023 20:28:01 +0000 Subject: dm: verity-loadpin: Add NULL pointer check for 'bdev' parameter From: Matthias Kaehlcke <mka@xxxxxxxxxxxx> commit 47f04616f2c9b2f4f0c9127e30ca515a078db591 upstream. Add a NULL check for the 'bdev' parameter of dm_verity_loadpin_is_bdev_trusted(). The function is called by loadpin_check(), which passes the block device that corresponds to the super block of the file system from which a file is being loaded. Generally a super_block structure has an associated block device, however that is not always the case (e.g. tmpfs). Cc: stable@xxxxxxxxxxxxxxx # v6.0+ Fixes: b6c1c5745ccc ("dm: Add verity helpers for LoadPin") Signed-off-by: Matthias Kaehlcke <mka@xxxxxxxxxxxx> Link: https://lore.kernel.org/r/20230627202800.1.Id63f7f59536d20f1ab83e1abdc1fda1471c7d031@changeid Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/md/dm-verity-loadpin.c | 3 +++ 1 file changed, 3 insertions(+) --- a/drivers/md/dm-verity-loadpin.c +++ b/drivers/md/dm-verity-loadpin.c @@ -58,6 +58,9 @@ bool dm_verity_loadpin_is_bdev_trusted(s int srcu_idx; bool trusted = false; + if (bdev == NULL) + return false; + if (list_empty(&dm_verity_loadpin_trusted_root_digests)) return false; Patches currently in stable-queue which might be from mka@xxxxxxxxxxxx are queue-6.4/dm-verity-loadpin-add-null-pointer-check-for-bdev-parameter.patch