diff options
author | Sergey Senozhatsky | 2022-08-16 14:09:06 +0900 |
---|---|---|
committer | Andrew Morton | 2022-08-28 14:02:44 -0700 |
commit | a5d2172180e8f94a8cfc7a7fa0243035629bf8d0 (patch) | |
tree | f928252b9aafe2a463ad3aa31457b297ba7fc0fc | |
parent | 44e602b4e52f70f04620bbbf4fe46ecb40170bde (diff) |
mm/zsmalloc: do not attempt to free IS_ERR handle
zsmalloc() now returns ERR_PTR values as handles, which zram accidentally
can pass to zs_free(). Another bad scenario is when zcomp_compress()
fails - handle has default -ENOMEM value, and zs_free() will try to free
that "pointer value".
Add the missing check and make sure that zs_free() bails out when
ERR_PTR() is passed to it.
Link: https://lkml.kernel.org/r/20220816050906.2583956-1-senozhatsky@chromium.org
Fixes: c7e6f17b52e9 ("zsmalloc: zs_malloc: return ERR_PTR on failure")
Signed-off-by: Sergey Senozhatsky <senozhatsky@chromium.org>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Nitin Gupta <ngupta@vflare.org>,
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-rw-r--r-- | mm/zsmalloc.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c index 34f784a1604b..907c9b1e1e61 100644 --- a/mm/zsmalloc.c +++ b/mm/zsmalloc.c @@ -1487,7 +1487,7 @@ void zs_free(struct zs_pool *pool, unsigned long handle) struct size_class *class; enum fullness_group fullness; - if (unlikely(!handle)) + if (IS_ERR_OR_NULL((void *)handle)) return; /* |