Re: [PATCH v3 1/3] mm/shmem: check return value of shmem_init_inodecache

From: Muchun Song
Date: Mon Jun 06 2022 - 05:40:12 EST


On Mon, Jun 06, 2022 at 11:45:28AM +0800, Chen Wandun wrote:
> It will result in null pointer access if shmem_init_inodecache fails,
> so check return value of shmem_init_inodecache
>
> Signed-off-by: Chen Wandun <chenwandun@xxxxxxxxxx>
> ---
> mm/shmem.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/mm/shmem.c b/mm/shmem.c
> index 12d45a03f7fc..7419ab219b97 100644
> --- a/mm/shmem.c
> +++ b/mm/shmem.c
> @@ -3775,11 +3775,16 @@ static void shmem_init_inode(void *foo)
> inode_init_once(&info->vfs_inode);
> }
>
> -static void shmem_init_inodecache(void)
> +static int shmem_init_inodecache(void)
> {
> shmem_inode_cachep = kmem_cache_create("shmem_inode_cache",
> sizeof(struct shmem_inode_info),
> 0, SLAB_PANIC|SLAB_ACCOUNT, shmem_init_inode);

NACK, we cannot dereference a NULL pointer since SLAB_PANIC is passed
to kmem_cache_create().

> +
> + if (!shmem_inode_cachep)
> + return -ENOMEM;
> +
> + return 0;
> }
>
> static void shmem_destroy_inodecache(void)
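
Review bot: the added `if (!shmem_inode_cachep)` check after kmem_cache_create() can never be true while SLAB_PANIC stays in the flags, because a failed cache creation panics instead of returning NULL. Either drop the check and keep the function void, or remove SLAB_PANIC in the same patch if the intent is to return -ENOMEM to the caller, and state that change of behaviour in the commit message.
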
> @@ -3923,7 +3928,9 @@ void __init shmem_init(void)
> {
> int error;
>
> - shmem_init_inodecache();
> + error = shmem_init_inodecache();
> + if (error)
> + goto out2;
>
> error = register_filesystem(&shmem_fs_type);
> if (error) {
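
Review bot: the new `goto out2` in shmem_init() jumps to a label that lies outside this hunk, so the patch does not show what runs on that path; if out2 calls shmem_destroy_inodecache(), it would tear down a cache that was never created. Consider a separate exit label for this failure, or confirm that the destroy path tolerates a NULL shmem_inode_cachep. With SLAB_PANIC still set in the first hunk, this branch is not reachable in any case.
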
> --
> 2.25.1
>
>