From 16c2b1d94f1b6e409d2f33612afc37b4b03b07d3 Mon Sep 17 00:00:00 2001
From: Suren Baghdasaryan
Date: Sun, 27 Nov 2022 10:30:33 -0800
Subject: [PATCH] ANDROID: page_pinner: prevent pp_buffer access before initialization
If page_pinner is configured with page_pinner_enabled=false and failure_tracking=true, pp_buffer will be accessed without being initialized. Prevent this by adding page_pinner_inited checks in functions that access it.
Fixes: 898cfbf094a2 ("ANDROID: mm: introduce page_pinner")
Bug: 259024332
Bug: 260179017
Change-Id: I8f612cae3e74d36e8a4eee5edec25281246cbe5e
Signed-off-by: Suren Baghdasaryan
(cherry picked from commit 23fb3111f63e5fe239a769668275c20493a5849c)
---
 include/linux/page_pinner.h | 6 ++++++
 mm/page_pinner.c | 1 +
 2 files changed, 7 insertions(+)
diff --git a/include/linux/page_pinner.h b/include/linux/page_pinner.h
index ba14d7636dc0..6dd0f9d3b394 100644
--- a/include/linux/page_pinner.h
+++ b/include/linux/page_pinner.h
@@ -41,6 +41,9 @@ static inline void dump_page_pinner(struct page *page)
 static inline void page_pinner_put_page(struct page *page)
 {
+ if (!static_branch_unlikely(&page_pinner_inited))
+ return;
+
 if (!static_branch_unlikely(&failure_tracking))
 return;
@@ -49,6 +52,9 @@ static inline void page_pinner_put_page(struct page *page)
 static inline void page_pinner_failure_detect(struct page *page)
 {
+ if (!static_branch_unlikely(&page_pinner_inited))
+ return;
+
 if (!static_branch_unlikely(&failure_tracking))
 return;
diff --git a/mm/page_pinner.c b/mm/page_pinner.c
index a444584103ad..74543cefce4f 100644
--- a/mm/page_pinner.c
+++ b/mm/page_pinner.c
@@ -57,6 +57,7 @@ static struct longterm_pinner acf_pinner = {
 static bool page_pinner_enabled;
 DEFINE_STATIC_KEY_FALSE(page_pinner_inited);
+EXPORT_SYMBOL(page_pinner_inited);
 DEFINE_STATIC_KEY_TRUE(failure_tracking);
 EXPORT_SYMBOL(failure_tracking);
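Review bot: The new `page_pinner_inited` guard in `page_pinner_put_page()` has no comment saying why it must sit in front of the `failure_tracking` test, and the identical guard added to `page_pinner_failure_detect()` in the next hunk has the same gap. Per the commit message, pp_buffer is only initialized when page_pinner is enabled, while `failure_tracking` is defined default-true in mm/page_pinner.c, so a later cleanup could fold the two tests together and reopen the uninitialized access. I would add above each guard `/* pp_buffer exists only after page_pinner init; failure_tracking defaults to true */`. Both function bodies continue outside their hunks, and any other reader of pp_buffer in mm/page_pinner.c is not visible in this patch, so it is worth confirming those paths are also reachable only after init.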
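Review bot: `EXPORT_SYMBOL(page_pinner_inited);` exposes the static key to every loadable module, and an exported key can be toggled by a module as well as read, which would defeat the guard this commit adds if it were enabled without pp_buffer being set up. The export is presumably needed only because the inline helpers in include/linux/page_pinner.h now test the key from module code, so I would state that next to it: `/* exported only so the inline helpers in page_pinner.h can test it; modules must not toggle it */`. If tree policy allows, `EXPORT_SYMBOL_GPL(page_pinner_inited);` narrows who can link against it, though that would differ from the existing `EXPORT_SYMBOL(failure_tracking);` two lines below.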