Patch "powerpc/mm: Fix null-pointer dereference in pgtable_cache_add" has been added to the 5.15-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Thu, 1 Feb 2024 12:28:07 -0500

This is a note to let you know that I've just added the patch titled

    powerpc/mm: Fix null-pointer dereference in pgtable_cache_add

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     powerpc-mm-fix-null-pointer-dereference-in-pgtable_c.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 6f38fd000e2856ee824f455b2b31662311aa1cbb
Author: Kunwu Chan <chentao@xxxxxxxxxx>
Date:   Mon Dec 4 10:32:23 2023 +0800

    powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
    
    [ Upstream commit f46c8a75263f97bda13c739ba1c90aced0d3b071 ]
    
    kasprintf() returns a pointer to dynamically allocated memory
    which can be NULL upon failure. Ensure the allocation was successful
    by checking the pointer validity.
    
    Suggested-by: Christophe Leroy <christophe.leroy@xxxxxxxxxx>
    Suggested-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
    Signed-off-by: Kunwu Chan <chentao@xxxxxxxxxx>
    Signed-off-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
    Link: https://msgid.link/20231204023223.2447523-1-chentao@xxxxxxxxxx
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/arch/powerpc/mm/init-common.c b/arch/powerpc/mm/init-common.c
index 3a82f89827a5..4bc8f0c893a2 100644
--- a/arch/powerpc/mm/init-common.c
+++ b/arch/powerpc/mm/init-common.c
@@ -105,7 +105,7 @@ void pgtable_cache_add(unsigned int shift)
 	 * as to leave enough 0 bits in the address to contain it. */
 	unsigned long minalign = max(MAX_PGTABLE_INDEX_SIZE + 1,
 				     HUGEPD_SHIFT_MASK + 1);
-	struct kmem_cache *new;
+	struct kmem_cache *new = NULL;
 
 	/* It would be nice if this was a BUILD_BUG_ON(), but at the
 	 * moment, gcc doesn't seem to recognize is_power_of_2 as a
@@ -118,7 +118,8 @@ void pgtable_cache_add(unsigned int shift)
 
 	align = max_t(unsigned long, align, minalign);
 	name = kasprintf(GFP_KERNEL, "pgtable-2^%d", shift);
-	new = kmem_cache_create(name, table_size, align, 0, ctor(shift));
+	if (name)
+		new = kmem_cache_create(name, table_size, align, 0, ctor(shift));
 	if (!new)
 		panic("Could not allocate pgtable cache for order %d", shift);
 







