diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-48659.patch')
-rw-r--r-- | meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-48659.patch | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-48659.patch b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-48659.patch new file mode 100644 index 000000000..840e2de82 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-kernel/linux/linux-aspeed/CVE-2022-48659.patch @@ -0,0 +1,73 @@ +From 016b150992eebc32c4a18f783cf2bb6e2545a3d9 Mon Sep 17 00:00:00 2001 +From: Chao Yu <chao.yu@oppo.com> +Date: Wed, 31 Aug 2022 22:54:54 +0800 +Subject: mm/slub: fix to return errno if kmalloc() fails + +commit 7e9c323c52b379d261a72dc7bd38120a761a93cd upstream. + +In create_unique_id(), kmalloc(, GFP_KERNEL) can fail due to +out-of-memory, if it fails, return errno correctly rather than +triggering panic via BUG_ON(); + +kernel BUG at mm/slub.c:5893! +Internal error: Oops - BUG: 0 [#1] PREEMPT SMP + +Call trace: + sysfs_slab_add+0x258/0x260 mm/slub.c:5973 + __kmem_cache_create+0x60/0x118 mm/slub.c:4899 + create_cache mm/slab_common.c:229 [inline] + kmem_cache_create_usercopy+0x19c/0x31c mm/slab_common.c:335 + kmem_cache_create+0x1c/0x28 mm/slab_common.c:390 + f2fs_kmem_cache_create fs/f2fs/f2fs.h:2766 [inline] + f2fs_init_xattr_caches+0x78/0xb4 fs/f2fs/xattr.c:808 + f2fs_fill_super+0x1050/0x1e0c fs/f2fs/super.c:4149 + mount_bdev+0x1b8/0x210 fs/super.c:1400 + f2fs_mount+0x44/0x58 fs/f2fs/super.c:4512 + legacy_get_tree+0x30/0x74 fs/fs_context.c:610 + vfs_get_tree+0x40/0x140 fs/super.c:1530 + do_new_mount+0x1dc/0x4e4 fs/namespace.c:3040 + path_mount+0x358/0x914 fs/namespace.c:3370 + do_mount fs/namespace.c:3383 [inline] + __do_sys_mount fs/namespace.c:3591 [inline] + __se_sys_mount fs/namespace.c:3568 [inline] + __arm64_sys_mount+0x2f8/0x408 fs/namespace.c:3568 + +Cc: <stable@kernel.org> +Fixes: 81819f0fc8285 ("SLUB core") +Reported-by: syzbot+81684812ea68216e08c5@syzkaller.appspotmail.com +Reviewed-by: Muchun Song <songmuchun@bytedance.com> +Reviewed-by: Hyeonggon Yoo <42.hyeyoo@gmail.com> +Signed-off-by: Chao Yu <chao.yu@oppo.com> +Acked-by: David Rientjes <rientjes@google.com> +Signed-off-by: Vlastimil Babka <vbabka@suse.cz> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +--- + mm/slub.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/mm/slub.c b/mm/slub.c +index 5211496f6d24fc..17e663cf38f69b 100644 +--- a/mm/slub.c ++++ b/mm/slub.c +@@ -5743,7 +5743,8 @@ static char *create_unique_id(struct kmem_cache *s) + char *name = kmalloc(ID_STR_LENGTH, GFP_KERNEL); + char *p = name; + +- BUG_ON(!name); ++ if (!name) ++ return ERR_PTR(-ENOMEM); + + *p++ = ':'; + /* +@@ -5825,6 +5826,8 @@ static int sysfs_slab_add(struct kmem_cache *s) + * for the symlinks. + */ + name = create_unique_id(s); ++ if (IS_ERR(name)) ++ return PTR_ERR(name); + } + + s->kobj.kset = kset; +-- +cgit 1.2.3-korg + |