tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure

Patch series "mm/damon/sysfs: fix memory leak and NULL dereference
issues", v4.

DAMON_SYSFS can leak memory under allocation failure, and do NULL pointer
dereference when a privileged user make wrong sequences of control. Fix
those.


This patch (of 3):

When damon_sysfs_new_test_ctx() fails in damon_sysfs_commit_input(),
param_ctx is leaked because the early return skips the cleanup at the out
label. Destroy param_ctx before returning.

Link: https://lkml.kernel.org/r/20260321175427.86000-1-sj@kernel.org
Link: https://lkml.kernel.org/r/20260321175427.86000-2-sj@kernel.org
Fixes: f0c5118ebb0e ("mm/damon/sysfs: catch commit test ctx alloc failure")
Signed-off-by: Josh Law <objecting@objecting.org>
Reviewed-by: SeongJae Park <sj@kernel.org>
Signed-off-by: SeongJae Park <sj@kernel.org>
Cc: <stable@vger.kernel.org> [6.18+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

authored by

Josh Law and committed by
Andrew Morton 7fe000eb 9e0d0ddf

+3 -1
+3 -1
mm/damon/sysfs.c
··· 1524 1524 if (IS_ERR(param_ctx)) 1525 1525 return PTR_ERR(param_ctx); 1526 1526 test_ctx = damon_sysfs_new_test_ctx(kdamond->damon_ctx); 1527 - if (!test_ctx) 1527 + if (!test_ctx) { 1528 + damon_destroy_ctx(param_ctx); 1528 1529 return -ENOMEM; 1530 + } 1529 1531 err = damon_commit_ctx(test_ctx, param_ctx); 1530 1532 if (err) 1531 1533 goto out;