From db87943932bf279a048278c0f3877efc5cb5d6f6 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 13 May 2024 15:42:40 +0200
Subject: [PATCH] 6.8-stable patches

added patches:
	mm-slab-make-__free-kfree-accept-error-pointers.patch
---
 ...e-__free-kfree-accept-error-pointers.patch | 51 +++++++++++++++++++
 queue-6.8/series                              |  1 +
 2 files changed, 52 insertions(+)
 create mode 100644 queue-6.8/mm-slab-make-__free-kfree-accept-error-pointers.patch

diff --git a/queue-6.8/mm-slab-make-__free-kfree-accept-error-pointers.patch b/queue-6.8/mm-slab-make-__free-kfree-accept-error-pointers.patch
new file mode 100644
index 00000000000..6d7e3a718c1
--- /dev/null
+++ b/queue-6.8/mm-slab-make-__free-kfree-accept-error-pointers.patch
@@ -0,0 +1,51 @@
+From cd7eb8f83fcf258f71e293f7fc52a70be8ed0128 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@linaro.org>
+Date: Sun, 28 Apr 2024 17:26:44 +0300
+Subject: mm/slab: make __free(kfree) accept error pointers
+
+From: Dan Carpenter <dan.carpenter@linaro.org>
+
+commit cd7eb8f83fcf258f71e293f7fc52a70be8ed0128 upstream.
+
+Currently, if an automatically freed allocation is an error pointer that
+will lead to a crash.  An example of this is in wm831x_gpio_dbg_show().
+
+   171	char *label __free(kfree) = gpiochip_dup_line_label(chip, i);
+   172	if (IS_ERR(label)) {
+   173		dev_err(wm831x->dev, "Failed to duplicate label\n");
+   174		continue;
+   175  }
+
+The auto clean up function should check for error pointers as well,
+otherwise we're going to keep hitting issues like this.
+
+Fixes: 54da6a092431 ("locking: Introduce __cleanup() based infrastructure")
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
+Acked-by: David Rientjes <rientjes@google.com>
+Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/slab.h |    4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/include/linux/slab.h
++++ b/include/linux/slab.h
+@@ -228,7 +228,7 @@ void kfree(const void *objp);
+ void kfree_sensitive(const void *objp);
+ size_t __ksize(const void *objp);
+ 
+-DEFINE_FREE(kfree, void *, if (_T) kfree(_T))
++DEFINE_FREE(kfree, void *, if (!IS_ERR_OR_NULL(_T)) kfree(_T))
+ 
+ /**
+  * ksize - Report actual allocation size of associated object
+@@ -754,7 +754,7 @@ static inline __alloc_size(1, 2) void *k
+ extern void *kvrealloc(const void *p, size_t oldsize, size_t newsize, gfp_t flags)
+ 		      __realloc_size(3);
+ extern void kvfree(const void *addr);
+-DEFINE_FREE(kvfree, void *, if (_T) kvfree(_T))
++DEFINE_FREE(kvfree, void *, if (!IS_ERR_OR_NULL(_T)) kvfree(_T))
+ 
+ extern void kvfree_sensitive(const void *addr, size_t len);
+ 
diff --git a/queue-6.8/series b/queue-6.8/series
index b7221610208..bab0f28c0ff 100644
--- a/queue-6.8/series
+++ b/queue-6.8/series
@@ -265,3 +265,4 @@ btrfs-set-correct-ram_bytes-when-splitting-ordered-extent.patch
 btrfs-qgroup-do-not-check-qgroup-inherit-if-qgroup-is-disabled.patch
 btrfs-make-sure-that-written-is-set-on-all-metadata-blocks.patch
 maple_tree-fix-mas_empty_area_rev-null-pointer-dereference.patch
+mm-slab-make-__free-kfree-accept-error-pointers.patch
-- 
2.47.3