From patchwork Sun Sep 29 23:05:50 2024
X-Patchwork-Submitter: Gianfranco Trad
X-Patchwork-Id: 13815268
From: Gianfranco Trad
To: willy@infradead.org, akpm@linux-foundation.org
Cc: linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, skhan@linuxfoundation.org, Gianfranco Trad, syzbot+4089e577072948ac5531@syzkaller.appspotmail.com
Subject: [PATCH v1] Fix NULL pointer dereference in read_cache_folio
Date: Mon, 30 Sep 2024 01:05:50 +0200
Message-ID: <20240929230548.370027-3-gianf.trad@gmail.com>

Add check on filler to prevent NULL pointer dereference condition in
read_cache_folio[1].

[1] https://syzkaller.appspot.com/bug?extid=4089e577072948ac5531

Reported-by: syzbot+4089e577072948ac5531@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=4089e577072948ac5531
Tested-by: syzbot+4089e577072948ac5531@syzkaller.appspotmail.com
Signed-off-by: Gianfranco Trad
--- mm/filemap.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/filemap.c b/mm/filemap.c index 4f3753f0a158..960f389e2d3b 100644 --- a/mm/filemap.c +++ b/mm/filemap.c @@ -2360,7 +2360,10 @@ static int filemap_read_folio(struct file *file, filler_t filler, /* Start the actual read. The read will unlock the page. */ if (unlikely(workingset)) psi_memstall_enter(&pflags); - error = filler(file, folio); + if (filler) + error = filler(file, folio); + else + return -EIO; if (unlikely(workingset)) psi_memstall_leave(&pflags); if (error)
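
Review bot: The new `else return -EIO;` branch sits between `psi_memstall_enter(&pflags)` and `psi_memstall_leave(&pflags)`, so when `workingset` is set and `filler` is NULL the function returns with the memstall section still entered. Either test `filler` before the `psi_memstall_enter()` call, or set `error = -EIO` and let the existing `if (error)` path run after `psi_memstall_leave()`. The context comment also says the read is what unlocks the page, so the early return leaves the folio locked unless the caller handles it. The changelog should say which caller reaches here with a NULL `filler` and why the check belongs here rather than at that call site.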