This is a note to let you know that I've just added the patch titled

    mm/damon/core: initialize damo_filter->list from damos_new_filter()

to the 6.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     mm-damon-core-initialize-damo_filter-list-from-damos_new_filter.patch
and it can be found in the queue-6.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 5f1fc67f2cb8d3035d3acd273b48b97835af8afd Mon Sep 17 00:00:00 2001
From: SeongJae Park <sj@xxxxxxxxxx>
Date: Sat, 29 Jul 2023 20:37:32 +0000
Subject: mm/damon/core: initialize damo_filter->list from damos_new_filter()

From: SeongJae Park <sj@xxxxxxxxxx>

commit 5f1fc67f2cb8d3035d3acd273b48b97835af8afd upstream.

damos_new_filter() is not initializing the list field of the newly allocated
filter object.  However, the DAMON sysfs interface and DAMON_RECLAIM are not
initializing it after calling damos_new_filter().  As a result, accessing
uninitialized memory is possible.  Actually, adding multiple DAMOS filters
via the DAMON sysfs interface caused NULL pointer dereferencing.

Initialize the field just after the allocation from damos_new_filter().

Link: https://lkml.kernel.org/r/20230729203733.38949-2-sj@xxxxxxxxxx
Fixes: 98def236f63c ("mm/damon/core: implement damos filter")
Signed-off-by: SeongJae Park <sj@xxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 mm/damon/core.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mm/damon/core.c b/mm/damon/core.c
index 91cff7f2997e..eb9580942a5c 100644
--- a/mm/damon/core.c
+++ b/mm/damon/core.c
@@ -273,6 +273,7 @@ struct damos_filter *damos_new_filter(enum damos_filter_type type, return NULL; filter->type = type; filter->matching = matching; + INIT_LIST_HEAD(&filter->list); return filter; } -- 2.41.0 Patches currently in stable-queue which might be from sj@xxxxxxxxxx are queue-6.4/mm-damon-core-initialize-damo_filter-list-from-damos_new_filter.patch
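Review bot: The commit message says that adding multiple filters through sysfs dereferenced a NULL pointer but not which list operation on the never-initialized filter->list faulted; naming it (the unlink or the walk that followed a NULL link) would let stable reviewers confirm that this single INIT_LIST_HEAD(&filter->list) in damos_new_filter() covers both callers the message names, DAMON sysfs and DAMON_RECLAIM, without further changes. The placement itself, after `filter->matching = matching;` and immediately before `return filter;`, is right: every caller of the constructor now receives a self-linked head, so neither caller needs to be touched, and the change is safe to take as-is for queue-6.4.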
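The failure mode the commit message describes, a list_head whose links were never set and so read as NULL, modelled in userspace as an added example. This is not the kernel's include/linux/list.h nor DAMON's code: the four list operations reproduce the kernel's circular-list semantics, while struct filter, new_filter() and the calloc-based allocation are assumptions standing in for struct damos_filter and damos_new_filter().

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Userspace model of the kernel's circular doubly linked list. Added
 * illustration, not the kernel's code; semantics match list.h. */
struct list_head {
    struct list_head *next, *prev;
};

#define INIT_LIST_HEAD(h) do { (h)->next = (h); (h)->prev = (h); } while (0)

static void list_add_tail(struct list_head *entry, struct list_head *head)
{
    struct list_head *last = head->prev;
    entry->next = head;
    entry->prev = last;
    last->next = entry;
    head->prev = entry;
}

/* Writes through entry->prev and entry->next unchecked: on a zeroed,
 * never-initialized node both are NULL, which is a NULL pointer
 * dereference of the kind the commit message reports. */
static void list_del(struct list_head *entry)
{
    entry->prev->next = entry->next;
    entry->next->prev = entry->prev;
}

static int list_empty(const struct list_head *head)
{
    return head->next == head;
}

/* Hypothetical stand-in for struct damos_filter: only the fields the hunk
 * touches. */
struct filter {
    int type;
    int matching;
    struct list_head list;
};

/* fixed == 0 models damos_new_filter() before the patch, fixed != 0 the
 * constructor with the added INIT_LIST_HEAD line. A zeroing allocator
 * (calloc here) is an assumption; it leaves list.next and list.prev NULL. */
static struct filter *new_filter(int type, int matching, int fixed)
{
    struct filter *f = calloc(1, sizeof *f);
    if (!f)
        return NULL;
    f->type = type;
    f->matching = matching;
    if (fixed)
        INIT_LIST_HEAD(&f->list);
    return f;
}

/* A correctly constructed, not-yet-linked node points at itself. */
static int head_initialized(const struct list_head *h)
{
    return h->next == h && h->prev == h;
}

/* Guarded unlink: refuse a node with NULL links rather than let list_del()
 * write through them. Returns 0 on success, -1 if refused. */
static int filter_unlink_checked(struct filter *f)
{
    if (!f->list.next || !f->list.prev)
        return -1;
    list_del(&f->list);
    INIT_LIST_HEAD(&f->list);
    return 0;
}

static int fresh_filter_initialized(int fixed)
{
    struct filter *f = new_filter(0, 1, fixed);
    int r = head_initialized(&f->list);
    free(f);
    return r;
}

/* list_empty() on a zeroed head compares NULL with the head and answers
 * "not empty"; a walker that trusts it would follow the NULL link. */
static int fresh_filter_looks_empty(int fixed)
{
    struct filter *f = new_filter(0, 1, fixed);
    int r = list_empty(&f->list);
    free(f);
    return r;
}

static int fresh_filter_unlink(int fixed)
{
    struct filter *f = new_filter(0, 1, fixed);
    int r = filter_unlink_checked(f);
    free(f);
    return r;
}

/* Several fixed filters on one scheme list, counted by walking, then torn
 * down through the guarded unlink. */
static size_t add_filters_and_count(size_t n)
{
    struct list_head filters;
    size_t count = 0;
    INIT_LIST_HEAD(&filters);
    for (size_t i = 0; i < n; i++) {
        struct filter *f = new_filter((int)i, 1, 1);
        if (!f)
            break;
        list_add_tail(&f->list, &filters);
    }
    for (struct list_head *p = filters.next; p != &filters; p = p->next)
        count++;
    while (!list_empty(&filters)) {
        struct filter *f = (struct filter *)((char *)filters.next -
                                             offsetof(struct filter, list));
        filter_unlink_checked(f);
        free(f);
    }
    return count;
}

int main(void)
{
    printf("unfixed: initialized=%d looks_empty=%d unlink=%d\n",
           fresh_filter_initialized(0), fresh_filter_looks_empty(0),
           fresh_filter_unlink(0));
    printf("fixed:   initialized=%d looks_empty=%d unlink=%d\n",
           fresh_filter_initialized(1), fresh_filter_looks_empty(1),
           fresh_filter_unlink(1));
    printf("filters on scheme: %zu\n", add_filters_and_count(3));
    return 0;
}
```

The unfixed constructor yields a node that is neither self-linked nor empty by the list's own test, so any operation that reads its links (list_del(), list_empty() followed by a walk) goes through NULL; the one-line INIT_LIST_HEAD in the constructor is what makes those operations safe for every caller, which is why the fix belongs in damos_new_filter() rather than in each caller.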