Date: Tue, 7 Jan 2025 16:38:36 +0900
From: Sergey Senozhatsky
To: Andrew Morton, Kairui Song
Cc: linux-mm@kvack.org, Minchan Kim, Sergey Senozhatsky, linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org
Subject: Re: [PATCH] zram: fix potential UAF of zram table
References: <20250107065446.86928-1-ryncsn@gmail.com>
In-Reply-To: <20250107065446.86928-1-ryncsn@gmail.com>

On (25/01/07 14:54), Kairui Song wrote:
> From: Kairui Song
>
> If zram_meta_alloc failed early, it frees allocated zram->table without
> setting it NULL. Which will potentially cause zram_meta_free to access
> the table if user reset a failed and uninitialized device.
>
> Fixes: 74363ec674cb ("zram: fix uninitialized ZRAM not releasing backing device")
> Cc:
> Signed-off-by: Kairui Song

Reviewed-by: Sergey Senozhatsky
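
The failure mode described in the quoted commit message, as an added userspace model (not code from the patch or from the zram driver): an allocation path that releases the table on an early failure, followed by a reset of the same device. All names (`model_dev`, `model_meta_alloc`, `model_meta_free`, `slab`) are hypothetical, and a static buffer with a liveness flag stands in for the allocator so the stale access is reported rather than performed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Userspace model with hypothetical names; not the zram driver's code. */
#define NENTRIES 8
static unsigned long slab[NENTRIES];   /* backing store for the single table */
static bool slab_live;                 /* false once the table is "freed" */

struct model_dev { unsigned long *table; };  /* table stands in for zram->table */
enum free_result { FREE_SKIPPED, FREE_DONE, FREE_STALE_ACCESS };

static unsigned long *table_alloc(void)
{
    memset(slab, 0, sizeof(slab));
    slab_live = true;
    return slab;
}
static void table_free(void) { slab_live = false; }

/* Allocation path: the table is allocated, a later step fails, and the
 * table is released again. clear_ptr selects the corrected behaviour. */
static bool model_meta_alloc(struct model_dev *d, bool later_step_fails, bool clear_ptr)
{
    d->table = table_alloc();
    if (!later_step_fails)
        return true;
    table_free();
    if (clear_ptr)
        d->table = NULL;   /* the step the commit message says was missing */
    return false;
}

/* Reset path: walks the table, then releases it. */
static enum free_result model_meta_free(struct model_dev *d)
{
    if (!d->table)
        return FREE_SKIPPED;        /* nothing was left behind */
    if (!slab_live)
        return FREE_STALE_ACCESS;   /* real code would touch freed memory here */
    for (size_t i = 0; i < NENTRIES; i++)
        d->table[i] = 0;
    table_free();
    d->table = NULL;
    return FREE_DONE;
}

/* Failed init followed by a reset of the same, never-initialized device. */
static enum free_result reset_after_failed_init(bool clear_ptr)
{
    struct model_dev d = { NULL };
    model_meta_alloc(&d, true, clear_ptr);
    return model_meta_free(&d);
}

int main(void) { return reset_after_failed_init(true) == FREE_SKIPPED ? 0 : 1; }
```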