From: SeongJae Park <sj@xxxxxxxxxx> commit 8468b486612c808c9e337708d66a435498f1735c upstream. A DAMON sysfs interface user can start DAMON with a scheme, remove the sysfs directory for the scheme, and then ask update of the scheme's stats. Because the schemes stats update logic isn't aware of the situation, it results in an invalid memory access. Fix the bug by checking if the scheme sysfs directory exists. Link: https://lkml.kernel.org/r/20221114175552.1951-1-sj@xxxxxxxxxx Fixes: 0ac32b8affb5 ("mm/damon/sysfs: support DAMOS stats") Signed-off-by: SeongJae Park <sj@xxxxxxxxxx> Cc: <stable@xxxxxxxxxxxxxxx> [v5.18] Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- mm/damon/sysfs.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/mm/damon/sysfs.c +++ b/mm/damon/sysfs.c @@ -2342,6 +2342,10 @@ static int damon_sysfs_upd_schemes_stats damon_for_each_scheme(scheme, ctx) { struct damon_sysfs_stats *sysfs_stats; + /* user could have removed the scheme sysfs dir */ + if (schemes_idx >= sysfs_schemes->nr) + break; + sysfs_stats = sysfs_schemes->schemes_arr[schemes_idx++]->stats; sysfs_stats->nr_tried = scheme->stat.nr_tried; sysfs_stats->sz_tried = scheme->stat.sz_tried;
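Review bot: The added check at the top of the damon_for_each_scheme() loop bounds schemes_idx against sysfs_schemes->nr, but nothing in the visible lines shows what keeps nr and schemes_arr stable between that check and the dereference of schemes_arr[schemes_idx++]->stats on the next statement. If the directory removal described in the commit message can run concurrently with this function, the check and the use need to sit under the same lock. Please name that lock in the comment, or say in the commit message why no concurrent removal is possible here. Two smaller points on the same lines: the pairing between ctx schemes and sysfs entries is purely positional, so the check catches a shrunken array but not one that was removed and re-created with the same or a larger count, where stats would be written to a directory that no longer corresponds to the running scheme. Also, the break silently leaves the remaining schemes' stats stale, so the comment should state that a partial update is the intended result, for example "/* user could have removed the scheme sysfs dir; skip the rest */".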