Re: [PATCH AUTOSEL 4.20 42/81] relay: check return of create_buf_file() properly

[Greg Kroah-Hartman]

On Thu, Feb 28, 2019 at 10:07:34AM -0500, Sasha Levin wrote:
> From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> 
> [ Upstream commit 2c1cf00eeacb784781cf1c9896b8af001246d339 ]
> 
> If create_buf_file() returns an error, don't try to reference it later
> as a valid dentry pointer.
> 
> This problem was exposed when debugfs started to return errors instead
> of just NULL for some calls when they do not succeed properly.
> 
> Also, the check for WARN_ON(dentry) was just wrong :)
> 
> Reported-by: Kees Cook <keescook@xxxxxxxxxxxx>
> Reported-and-tested-by: syzbot+16c3a70e1e9b29346c43@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: David Rientjes <rientjes@xxxxxxxxxx>
> Fixes: ff9fb72bc077 ("debugfs: return error values, not NULL")
> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
> ---
>  kernel/relay.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Same here as well, please drop this from all queues.

greg k-h