Re: [PATCH] mm: fix potential NULL pointer dereference in pagetable_alloc_noprof

Re: [PATCH] mm: fix potential NULL pointer dereference in pagetable_alloc_noprof

[Lorenzo Stoakes]

+cc mailing lists

Please ensure you always cc these when submitting patches by the way :)

On Wed, May 21, 2025 at 01:46:48PM +0100, Lorenzo Stoakes wrote:
> On Wed, May 21, 2025 at 08:40:08PM +0800, Ye Chey wrote:
> > The pagetable_alloc_noprof function does not check the return value of
> > alloc_pages_noprof, which could lead to a NULL pointer dereference when
> > memory allocation fails. Add a NULL check to prevent this issue.
> >
> > Signed-off-by: Ye Chey <yechey@ai-sast.com>
> > ---
> >  include/linux/mm.h | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/include/linux/mm.h b/include/linux/mm.h
> > index bf5520693..9052bb531 100644
> > --- a/include/linux/mm.h
> > +++ b/include/linux/mm.h
> > @@ -3000,7 +3000,8 @@ static inline bool pagetable_is_reserved(struct ptdesc *pt)
> >  static inline struct ptdesc *pagetable_alloc_noprof(gfp_t gfp, unsigned int order)
> >  {
> >  	struct page *page = alloc_pages_noprof(gfp | __GFP_COMP, order);
> > -
> > +	if (!page)
> > +		return NULL;
> >  	return page_ptdesc(page);
>
> Doesn't page_ptdesc() just cast the page to the appropriate type? And thus can
> handle it being NULL?
>
> >  }
> >  #define pagetable_alloc(...)	alloc_hooks(pagetable_alloc_noprof(__VA_ARGS__))
> > --
> > 2.44.0
> >

Re: [PATCH] mm: fix potential NULL pointer dereference in pagetable_alloc_noprof

[Qi Zheng]

On 5/21/25 8:48 PM, Lorenzo Stoakes wrote:
> +cc mailing lists
> 
> Please ensure you always cc these when submitting patches by the way :)
> 
> On Wed, May 21, 2025 at 01:46:48PM +0100, Lorenzo Stoakes wrote:
>> On Wed, May 21, 2025 at 08:40:08PM +0800, Ye Chey wrote:
>>> The pagetable_alloc_noprof function does not check the return value of
>>> alloc_pages_noprof, which could lead to a NULL pointer dereference when
>>> memory allocation fails. Add a NULL check to prevent this issue.
>>>
>>> Signed-off-by: Ye Chey <yechey@ai-sast.com>
>>> ---
>>>   include/linux/mm.h | 3 ++-
>>>   1 file changed, 2 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/include/linux/mm.h b/include/linux/mm.h
>>> index bf5520693..9052bb531 100644
>>> --- a/include/linux/mm.h
>>> +++ b/include/linux/mm.h
>>> @@ -3000,7 +3000,8 @@ static inline bool pagetable_is_reserved(struct ptdesc *pt)
>>>   static inline struct ptdesc *pagetable_alloc_noprof(gfp_t gfp, unsigned int order)
>>>   {
>>>   	struct page *page = alloc_pages_noprof(gfp | __GFP_COMP, order);
>>> -
>>> +	if (!page)
>>> +		return NULL;
>>>   	return page_ptdesc(page);
>>
>> Doesn't page_ptdesc() just cast the page to the appropriate type? And thus can
>> handle it being NULL?

Right, no NULL check is needed here.

>>
>>>   }
>>>   #define pagetable_alloc(...)	alloc_hooks(pagetable_alloc_noprof(__VA_ARGS__))
>>> --
>>> 2.44.0
>>>