From: Miaohe Lin <linmiaohe@huawei.com>
Date: Fri, 29 Apr 2022 06:40:43 +0000 (+0800)
Subject: mm/z3fold: fix possible null pointer dereferencing
X-Git-Tag: howlett/maple/20220722_2~426^2~21
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=7c61c35bbd6a888416e5a6de8ff8782a70d013d4;p=users%2Fjedix%2Flinux-maple.git

mm/z3fold: fix possible null pointer dereferencing

alloc_slots could fail to allocate memory under heavy memory pressure.  So
we should check zhdr->slots against NULL to avoid future null pointer
dereferencing.

Link: https://lkml.kernel.org/r/20220429064051.61552-3-linmiaohe@huawei.com
Fixes: fc5488651c7d ("z3fold: simplify freeing slots")
Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
Reviewed-by: Vitaly Wool <vitaly.wool@konsulko.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

diff --git a/mm/z3fold.c b/mm/z3fold.c
index c2260f5a5885..5d8c21f2bc59 100644
--- a/mm/z3fold.c
+++ b/mm/z3fold.c
@@ -940,9 +940,19 @@ lookup:
 		}
 	}
 
-	if (zhdr && !zhdr->slots)
+	if (zhdr && !zhdr->slots) {
 		zhdr->slots = alloc_slots(pool, GFP_ATOMIC);
+		if (!zhdr->slots)
+			goto out_fail;
+	}
 	return zhdr;
+
+out_fail:
+	if (!kref_put(&zhdr->refcount, release_z3fold_page_locked)) {
+		add_to_unbuddied(pool, zhdr);
+		z3fold_page_unlock(zhdr);
+	}
+	return NULL;
 }
 
 /*