1. Patchew
  2. linux
  3. [PATCH v2 0/2] kernfs: Fix UAF in PSI polling when open file is released
  4. View patch

[PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release

Chen Ridong posted 2 patches 1 month, 1 week ago
[PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Chen Ridong 1 month, 1 week ago 
From: Chen Ridong <chenridong@huawei.com>

Setting of->priv to NULL when the file is released enables earlier bug
detection. This allows potential bugs to manifest as NULL pointer
dereferences rather than use-after-free errors[1], which are generally more
difficult to diagnose.

[1] https://lore.kernel.org/cgroups/38ef3ff9-b380-44f0-9315-8b3714b0948d@huaweicloud.com/T/#m8a3b3f88f0ff3da5925d342e90043394f8b2091b
Signed-off-by: Chen Ridong <chenridong@huawei.com>
---
 kernel/cgroup/cgroup.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
index 312c6a8b55bb..d8b82afed181 100644
--- a/kernel/cgroup/cgroup.c
+++ b/kernel/cgroup/cgroup.c
@@ -4159,6 +4159,7 @@ static void cgroup_file_release(struct kernfs_open_file *of)
 		cft->release(of);
 	put_cgroup_ns(ctx->ns);
 	kfree(ctx);
+	of->priv = NULL;
 }
 
 static ssize_t cgroup_file_write(struct kernfs_open_file *of, char *buf,
-- 
2.34.1
Re: [PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Tejun Heo 1 month, 1 week ago 
On Fri, Aug 22, 2025 at 07:07:15AM +0000, Chen Ridong wrote:
> From: Chen Ridong <chenridong@huawei.com>
> 
> Setting of->priv to NULL when the file is released enables earlier bug
> detection. This allows potential bugs to manifest as NULL pointer
> dereferences rather than use-after-free errors[1], which are generally more
> difficult to diagnose.
> 
> [1] https://lore.kernel.org/cgroups/38ef3ff9-b380-44f0-9315-8b3714b0948d@huaweicloud.com/T/#m8a3b3f88f0ff3da5925d342e90043394f8b2091b
> Signed-off-by: Chen Ridong <chenridong@huawei.com>

Applied to cgroup/for-6.17-fixes.

Thanks.

-- 
tejun
Re: [PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Greg KH 1 month, 1 week ago 
On Fri, Aug 22, 2025 at 07:48:08AM -1000, Tejun Heo wrote:
> On Fri, Aug 22, 2025 at 07:07:15AM +0000, Chen Ridong wrote:
> > From: Chen Ridong <chenridong@huawei.com>
> > 
> > Setting of->priv to NULL when the file is released enables earlier bug
> > detection. This allows potential bugs to manifest as NULL pointer
> > dereferences rather than use-after-free errors[1], which are generally more
> > difficult to diagnose.
> > 
> > [1] https://lore.kernel.org/cgroups/38ef3ff9-b380-44f0-9315-8b3714b0948d@huaweicloud.com/T/#m8a3b3f88f0ff3da5925d342e90043394f8b2091b
> > Signed-off-by: Chen Ridong <chenridong@huawei.com>
> 
> Applied to cgroup/for-6.17-fixes.

Both or just this second patch?  Should I take the first through the
driver-core tree, or do you want to take it through the cgroup tree?  No
objection from me for you to take both :)

thanks,

greg k-h
Re: [PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Tejun Heo 1 month, 1 week ago 
Hello, Greg.

On Sat, Aug 23, 2025 at 08:43:48AM +0200, Greg KH wrote:
> > Applied to cgroup/for-6.17-fixes.
> 
> Both or just this second patch?  Should I take the first through the
> driver-core tree, or do you want to take it through the cgroup tree?  No
> objection from me for you to take both :)

Sorry about the lack of clarity. Just the second one. The first one looks
fine to me but it would probably be more appropriate if you take it.

Thanks!

-- 
tejun
Re: [PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Chen Ridong 1 month ago 

On 2025/8/26 1:32, Tejun Heo wrote:
> Hello, Greg.
> 
> On Sat, Aug 23, 2025 at 08:43:48AM +0200, Greg KH wrote:
>>> Applied to cgroup/for-6.17-fixes.
>>
>> Both or just this second patch?  Should I take the first through the
>> driver-core tree, or do you want to take it through the cgroup tree?  No
>> objection from me for you to take both :)
> 
> Sorry about the lack of clarity. Just the second one. The first one looks
> fine to me but it would probably be more appropriate if you take it.
> 
> Thanks!
> 

Hello all,

Any other opinions? Can this patch be applied?

-- 
Best regards,
Ridong
Re: [PATCH v2 2/2] cgroup/psi: Set of->priv to NULL upon file release
Posted by Greg KH 1 month ago 
On Mon, Sep 01, 2025 at 09:38:49AM +0800, Chen Ridong wrote:
> 
> 
> On 2025/8/26 1:32, Tejun Heo wrote:
> > Hello, Greg.
> > 
> > On Sat, Aug 23, 2025 at 08:43:48AM +0200, Greg KH wrote:
> >>> Applied to cgroup/for-6.17-fixes.
> >>
> >> Both or just this second patch?  Should I take the first through the
> >> driver-core tree, or do you want to take it through the cgroup tree?  No
> >> objection from me for you to take both :)
> > 
> > Sorry about the lack of clarity. Just the second one. The first one looks
> > fine to me but it would probably be more appropriate if you take it.
> > 
> > Thanks!
> > 
> 
> Hello all,
> 
> Any other opinions? Can this patch be applied?

Please give us a chance to catch up with patch reviews :)

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.