From: Daejun Park <daejun7.park@samsung.com> stable inclusion from stable-v6.10.3 commit 381cbe85592c78fbaeb3e770e3e9f3bfa3e67efb category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/381cbe85592c78fbaeb3e770e3e9f3... CVE: CVE-2024-43857 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=... -------------------------------- [ Upstream commit c82bc1ab2a8a5e73d9728e80c4c2ed87e8921a38 ] This patch fixes a potentially null pointer being accessed by is_end_zone_blkaddr() that checks the last block of a zone when f2fs is mounted as a single device. Fixes: e067dc3c6b9c ("f2fs: maintain six open zones for zoned devices") Signed-off-by: Daejun Park <daejun7.park@samsung.com> Reviewed-by: Chao Yu <chao@kernel.org> Reviewed-by: Daeho Jeong <daehojeong@google.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> Conflicts: fs/f2fs/data.c [Since hulk-6.6 does not merge stable inclusion commit 7437bb73f087 ("block: remove support for the host aware zone model")] Signed-off-by: Kaixiong Yu <yukaixiong@huawei.com> --- fs/f2fs/data.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c index 84fc87018180..0acafb505efc 100644 --- a/fs/f2fs/data.c +++ b/fs/f2fs/data.c @@ -924,6 +924,7 @@ int f2fs_merge_page_bio(struct f2fs_io_info *fio) #ifdef CONFIG_BLK_DEV_ZONED static bool is_end_zone_blkaddr(struct f2fs_sb_info *sbi, block_t blkaddr) { + struct block_device *bdev = sbi->sb->s_bdev; int devi = 0; if (f2fs_is_multi_device(sbi)) { @@ -934,8 +935,9 @@ static bool is_end_zone_blkaddr(struct f2fs_sb_info *sbi, block_t blkaddr) return false; } blkaddr -= FDEV(devi).start_blk; + bdev = FDEV(devi).bdev; } - return bdev_zoned_model(FDEV(devi).bdev) == BLK_ZONED_HM && + return bdev_zoned_model(bdev) == BLK_ZONED_HM && f2fs_blkz_is_seq(sbi, devi, blkaddr) && (blkaddr % sbi->blocks_per_blkz == sbi->blocks_per_blkz - 1); } -- 2.25.1