cgroup/psi: Set of->priv to NULL upon file release
authorChen Ridong <chenridong@huawei.com>
Fri, 22 Aug 2025 07:07:15 +0000 (07:07 +0000)
committerTejun Heo <tj@kernel.org>
Fri, 22 Aug 2025 17:47:43 +0000 (07:47 -1000)
Setting of->priv to NULL when the file is released enables earlier bug
detection. This allows potential bugs to manifest as NULL pointer
dereferences rather than use-after-free errors[1], which are generally more
difficult to diagnose.

[1] https://lore.kernel.org/cgroups/38ef3ff9-b380-44f0-9315-8b3714b0948d@huaweicloud.com/T/#m8a3b3f88f0ff3da5925d342e90043394f8b2091b
Signed-off-by: Chen Ridong <chenridong@huawei.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
kernel/cgroup/cgroup.c

index 79b1d79f86a342ab8868971d5eeb603f35a13dc1..77d02f87f3f121a5d0bc47e4d9d5c1a8d53c7192 100644 (file)
@@ -4182,6 +4182,7 @@ static void cgroup_file_release(struct kernfs_open_file *of)
                cft->release(of);
        put_cgroup_ns(ctx->ns);
        kfree(ctx);
+       of->priv = NULL;
 }
 
 static ssize_t cgroup_file_write(struct kernfs_open_file *of, char *buf,
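Review bot: The added `of->priv = NULL;` after `kfree(ctx)` has no comment, and without one it reads as if it closed the use-after-free rather than only making a late access easier to diagnose. Any path that loaded `of->priv` before the `kfree()` still holds the stale `ctx`, and the store is a plain write with no ordering visible here, so the lifetime guarantee still has to come from whatever serialises release against other users of `of` (not visible in this hunk). I would put `/* Clear the stale pointer: a late of->priv user should fault on NULL instead of touching the freed ctx. */` above the assignment. The start of cgroup_file_release() lies outside the hunk.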