[SRU][J/I/H/F][PATCH 0/1] Drop "UBUNTU: SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while vmscan is active"
Andrea Righi
andrea.righi at canonical.com
Tue Oct 19 10:33:07 UTC 2021
BugLink: https://bugs.launchpad.net/bugs/1947709
[Impact]
"UBUNTU: SAUCE: cachefiles: Page leaking in cachefiles_read_backing_file while
vmscan is active" has been applied to fix a page leaking issue.
However a slightly different fix has been applied upstream:
9a24ce5b66f9 ("cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active")
Basically we are fixing the same issue in two different ways at the same time,
but even worse our patch an introduce a potential NULL pointer dereference: we
do a put_page(newpage) and set newpage = NULL in the main for() loop and then
we may do additional put_page(newpage) after the main for loop if
ret == -EEXIST, that would trigger the NULL pointer dereference.
[Test case]
No test case or reproducer is available at the moment, this issue has been
found simply by reviewing the code.
[Fix]
Drop the SAUCE patch and rely on the upstream fix.
[Regression potential]
If the analysis is not correct we may re-introduce a page leak in cachefiles
(NFS for example), but it seems unlikely to happen, since the upstream fix is
addressing the page leaking already.
More information about the kernel-team
mailing list